[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: /dev/apm_bios perms 664?

On Fri, 5 Apr 2002 15:50, Thomas Hood wrote:
> Permissions on /dev/apm_bios are currently 660.
> Is there any reason these permissions shouldn't be 664?
> The latter would allow non-root users to find out about
> power management events (but not to initiate them).

You should ask the authors of the apm kernel code about that.

> I would also like to know what people think would be the
> right way safely to allow users other than root to perform
> power management events.  Currently only root can perform
> apm suspend, for example.  It would be nice if anyone in
> the operator group could also do this.  The apm driver
> requires CAP_SYS_ADMIN for privileged operations, so a
> setuid program would be required.  Report #134595 asks
> that /usr/bin/apm simply be made setuid root; please read
> the discussion there first.

SUID root is not required to provide capabilities on LSM systems, but that's 
probably not relevant to this discussion.

Why not use pam_group.so to add the apm group to the user if they login at 
the console?  If you're at the console of a laptop you can always suspend by 
shutting the lid anyway...

If you send email to me or to a mailing list that I use which has >4 lines
of legalistic junk at the end then you are specifically authorizing me to do
whatever I wish with the message and all other messages from your domain, by
posting the message you agree that your long legalistic sig is void.

To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: