[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Permission policy

On Thu, Mar 16, 2000 at 01:43:22AM +0100, Bernd Eckenfels wrote:
> On Wed, Mar 15, 2000 at 01:12:49PM +0100, Volker Ossenkopf wrote:

> BTW: there is a idea for settig groups for console access to devices
> like cdrom, floppy, sound, mic, cam... so each user who logs into the
> sonsole will get added to that groups, then your program does not need to be
> sgid anyrthing, which is bad anyway since everybody even on networked
> terminal could start it.

I am by setting all linux installations this way:
I add this line to /etc/security/group.conf:
login;tty?|tty??&!ttyp*;*;Al0000-2400;floppy, audio
and configure pam to use it.

| Radovan Garabik http://melkor.dnp.fmph.uniba.sk/~garabik/ |
| __..--^^^--..__    garabik @ melkor.dnp.fmph.uniba.sk     |
Antivirus alert: file .signature infected by signature virus.
Hi! I'm a signature virus! Copy me into your signature file to help me spread!

Reply to: