Bug#31864: Should programs that access /dev/* be SGID?

To: Hwei Sheng TEOH <hsteoh@cs.toronto.edu>, 31864@bugs.debian.org
Subject: Bug#31864: Should programs that access /dev/* be SGID?
From: "Scott K. Ellis" <storm@stormcrow.org>
Date: Thu, 14 Jan 1999 10:25:26 -0500 (EST)
Message-id: <[🔎] Pine.SO4.4.05.9901141024410.22959-100000@escher.powersite.net>
Reply-to: "Scott K. Ellis" <storm@stormcrow.org>, 31864@bugs.debian.org
In-reply-to: <[🔎] Pine.GSO.3.95.990114080151.16822A-100000@dvp.cs>

On Thu, 14 Jan 1999, Hwei Sheng TEOH wrote:

> Package: general
> Severity: wishlist
> 
> I noticed that a lot of packages that access devices, such as CD players,
> audio players, etc., are denied permission to access the relevant devices in
> /dev/ when not run as root.
> 
> Perhaps such programs should be SGID to whatever group that device is
> assigned? For example, since /dev/cdrom is read-writable by group 'disk', a
> program, say cdplay, can be SGID to 'disk' so that it can be executed by
> normal users. (This is what I've done on my system so that I don't have to su
> to root all the time, or make binaries SUID root unnecessarily).
> 
> Of course, there might be security/administrative concerns that this might
> give undue device access to normal users, but since many Linux boxes (such as
> mine) are used only by one person, this should at least be an option during
> installation? Or at the very least documented, so that beginners who don't
> know about this can find out how to do it.

Reply to:

References:
- Bug#31864: Should programs that access /dev/* be SGID?
  - From: Hwei Sheng TEOH <hsteoh@cs.toronto.edu>

Prev by Date: Re: Source Dependencies, a real solution
Next by Date: Re: Packaging perl stuff
Previous by thread: Bug#31864: marked as done (Should programs that access /dev/* be SGID?)
Next by thread: Bug#31864: Should programs that access /dev/* be SGID?
Index(es):
- Date
- Thread