Re: /dev/apm_bios perms 664?
On Fri, 5 Apr 2002 15:50, Thomas Hood wrote:
> Permissions on /dev/apm_bios are currently 660.
> Is there any reason these permissions shouldn't be 664?
> The latter would allow non-root users to find out about
> power management events (but not to initiate them).
You should ask the authors of the apm kernel code about that.
> I would also like to know what people think would be the
> right way safely to allow users other than root to perform
> power management events. Currently only root can perform
> apm suspend, for example. It would be nice if anyone in
> the operator group could also do this. The apm driver
> requires CAP_SYS_ADMIN for privileged operations, so a
> setuid program would be required. Report #134595 asks
> that /usr/bin/apm simply be made setuid root; please read
> the discussion there first.
SUID root is not required to provide capabilities on LSM systems, but that's
probably not relevant to this discussion.
Why not use pam_group.so to add the apm group to the user if they login at
the console? If you're at the console of a laptop you can always suspend by
shutting the lid anyway...
If you send email to me or to a mailing list that I use which has >4 lines
of legalistic junk at the end then you are specifically authorizing me to do
whatever I wish with the message and all other messages from your domain, by
posting the message you agree that your long legalistic sig is void.
To UNSUBSCRIBE, email to email@example.com
with a subject of "unsubscribe". Trouble? Contact firstname.lastname@example.org