El 05 Dec 2000 a las 06:18PM -0900, Ethan Benson escribio: > On Wed, Dec 06, 2000 at 02:01:36AM +0100, Andres Seco Hernandez wrote: > > One of the daemons need access to a serial device, so i think is good to > > set its group uid bit and set its group to dialout. > > disagreed, if its a daemon not to be run by users then the user it > runs as should be a member of group dialout. users should not be able > to access the serial devices in any way unless they are members of > group dialout (except through ppp, in which they are member of group > dip instead). setgid/setuid is something you should avoid using > unless absolutely necessary. writing set[ug]id safe code takes much > care. How must i run it then? I supose that the init.d script to start/stop the daemon is run as root, so, the daemon itselft too. Then, must i change user efective id inside the code? I think is easiest to made it setuid with the new user. > -- > Ethan Benson > http://www.alaska.net/~erbenson/ Thanks a lot. -- Andres Seco Hernandez, MCP ID 445900 AndresSH@ctv.es - http://www.ctv.es/USERS/andressh GnuPG public information: pub 1024D/3A48C934 E61C 08A9 EBC8 12E4 F363 E359 EDAC BE0B 3A48 C934 -------------------------------------------------- Alamin GSM SMS Gateway - http://alamin.sourceforge.net Debian GNU/Linux - http://www.debian.org
Attachment:
pgpYY7TD7tWgO.pgp
Description: PGP signature