[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Devices and permissions



Le mercredi 20 octobre 2004 Ã 13:48 +0200, Alain PORTAL a Ãcrit :
> Hi Nils, thanks for your answer.
> 
> Le mercredi 20 Octobre 2004 11:32, Nils Philippsen a Ãcrit :
> 
> > So is it a client or a server application?
> 
> Perhaps I need to tell more about this application: this is an IDE for the 
> developpement of Microchip PIC based applications. This IDE also can program 
> chip devices through serial or paralell ports programmers.
> http://pikdev.free.fr/
> So, logged user need to access to the serial/paralell ports in RW mode.
> We should consider that is a client application.
> 
> > If it's a client application, 
> > all users who want to use it must have the permissions, either by
> > belonging to a special group or /etc/security/console.perms trickeries.
> 
> Create a special group doesn't seem to me a good idea because if a new user is 
> added after the package installation, he won't belong to the new group and 
> administrator will need to add him manually.
> I prefer a solution where all users can use the application by default.
> 
> So, using /etc/security/console.perms seems the best way.
> Here is my purposal:
> 
> # device classes 
> <serialport>=/dev/ttyS[0-9]
> <paralellport>=/dev/parport[0-7]
> 
> # permission definitions
> <console>  0600 <serialport>      0660 root.uucp
> <console>  0600 <paralellport>    0660 root.lp
> 
> Does it seem right for you?
> 
> How can I add/remove these lines via rpm (un)installation?
> 

With Perl, sed ...

Personally, I don't like that third party package touch security files.
Put some instructions in README or INSTALL file and let the
administrator do his job :-)

Attachment: signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]