[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: How can i call a function which is usually used by root?



On Tue, Dec 02, 2008 at 01:53:56PM +0000, Paul Black wrote:
> 2008/12/2 Wildemar Wildenburger wrote:
> 
> > And if you absolutely have to use the device files, then you could
> > always change their permissions. Not that that's recommended, just
> > saying.
> 
> 
> Changing permissions is not wise as it allows a user to bypass filesystem
> permissions.
> 
> A possibility is for the OP to read up on setuid and setgid; that offers the
> potential to restrict a user to what a program will allow rather than
> allowing unfettered access to a device (assuming no security holes in the
> application).

I think most programmers tend to make it the user's prerogative to run
the program using 'sudo' or 'su -c' to inherit the proper privileges.
In other words, the permission error you're getting is something
normal users should expect when they try to run against a device to
which they don't have access.  Elevating their privilege automatically
inside a program is generally frowned upon.

-- 
Paul W. Frields                                http://paul.frields.org/
  gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233  5906 ACDB C937 BD11 3717
  http://redhat.com/   -  -  -  -   http://pfrields.fedorapeople.org/
  irc.freenode.net: stickster @ #fedora-docs, #fedora-devel, #fredlug

Attachment: pgpAuCbxUEMzk.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]