
Bug#31864: Should programs that access /dev/* be SGID?



Package: general
Severity: wishlist

I noticed that a lot of packages that access devices, such as CD players,
audio players, etc., are denied permission to access the relevant devices in
/dev/ when not run as root.

Perhaps such programs should be SGID to whatever group that device is
assigned? For example, since /dev/cdrom is read-writable by group 'disk', a
program, say cdplay, can be SGID to 'disk' so that it can be executed by
normal users. (This is what I've done on my system so that I don't have to su
to root all the time, or make binaries SUID root unnecessarily).

Of course, there might be security/administrative concerns that this might
give undue device access to normal users, but since many Linux boxes (such as
mine) are used only by one person, this should at least be an option during
installation? Or at the very least documented, so that beginners who don't
know about this can find out how to do it.


T
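Added example, not part of the original message: a Python audit that lists, for each SGID executable, the device nodes that share its group and grant that group read or write access, which is the access an SGID grant like the one described above gives to every user who can run the binary. The gid numbers and sample entries are constructed, and `Entry`, `collect` and `sgid_device_exposure` are names chosen for this example.

```python
import os
import stat
from collections import namedtuple

Entry = namedtuple("Entry", "path mode gid")  # path, st_mode bits, owning gid

def collect(root):
    """Stat every entry directly under `root` without following symlinks."""
    entries = []
    for name in sorted(os.listdir(root)):
        path = os.path.join(root, name)
        st = os.lstat(path)
        entries.append(Entry(path, st.st_mode, st.st_gid))
    return entries

def sgid_device_exposure(binaries, devices):
    """Return {sgid_binary: [(device, "r" | "w" | "rw"), ...]}."""
    report = {}
    for b in binaries:
        # SGID only takes effect on a regular file that is also group-executable.
        if not (stat.S_ISREG(b.mode) and b.mode & stat.S_ISGID and b.mode & stat.S_IXGRP):
            continue
        reach = []
        for d in devices:
            is_dev = stat.S_ISCHR(d.mode) or stat.S_ISBLK(d.mode)
            if not is_dev or d.gid != b.gid:
                continue
            access = ("r" if d.mode & stat.S_IRGRP else "") + ("w" if d.mode & stat.S_IWGRP else "")
            if access:
                reach.append((d.path, access))
        report[b.path] = reach
    return report

# Constructed sample data: gid 6 stands in for 'disk', gid 29 for an audio group.
SAMPLE_BINARIES = [
    Entry("/usr/bin/cdplay", stat.S_IFREG | 0o2755, 6),  # SGID to gid 6
    Entry("/bin/ls", stat.S_IFREG | 0o755, 0),           # not SGID
]
SAMPLE_DEVICES = [
    Entry("/dev/cdrom", stat.S_IFBLK | 0o660, 6),
    Entry("/dev/hda", stat.S_IFBLK | 0o660, 6),          # same group as the CD drive
    Entry("/dev/audio", stat.S_IFCHR | 0o660, 29),
]

if __name__ == "__main__":
    for binary, reach in sgid_device_exposure(SAMPLE_BINARIES, SAMPLE_DEVICES).items():
        print(binary, "->", reach or "no group-accessible devices")
```

To audit a real system, pass `collect("/usr/bin")` and `collect("/dev")` instead of the sample lists.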

