Re: sound executables permissions
On Mon, 27 Jan 1997 15:45:25 EST Joey Hess (joey@kite.ml.org) wrote:
> > But what would IMHO be a better thing would be to add a person to the
> > audio group when it logs on the console or with xdm. There should be a
> > /etc/logingroups file or whatever, which should say what supplementary
> > groups one should get when logged on a device.
> >
> > I know that Sun an HP use a /etc/logindevperm which chowns some devices
> > depending on which terminal was used for login, but I don't like this
> > because in Linux, several persons can be logged on the console at the
> > same time.
> >
> > But this is more ``secure'' than my proposed approach (because once you
> > get the supplemental group, you can create a setgid shell to keep this
> > group).
> >
> > What do you think about implementing this in Debian ?
>
> I like it. Would /etc/group just be edited when the person logs in, to
> change the groups they are a member of?
Not at all... /etc/group is consulted during the login (with initgroups() if I remember correctly) to initialize the supplemental group list.
We should just add some terminal-based supplemental groups when calling this function, and not touch the /etc/group file.
If I've got time, I'll try to hack this in /bin/login and in xdm.
But I've already plenty of stuff to do :-(
Phil.
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com
Reply to: