Re: [PARPORT] Using C to program printer port

From: Gora Mohanty (gora@solar2.ucr.edu)
Date: Mon Jan 27 2003 - 23:36:35 EST

  • Next message: Gora Mohanty: "Re: [PARPORT] Using C to program printer port"

    Robert Heller writes:
    > Ingo Flaschberger <if@sil.at>,
    > In a message on Tue, 28 Jan 2003 01:59:15 +0100 (MET), wrote :

    [...]

    >IF> >
    >IF> > Now, I have two more problems:
    >IF> >
    >IF> > Gora - what you said is correct; I have to be root to get your program t
    >o
    >IF> > work. Otherwise, I get a "segmentation fault" error. How can I get aro
    >und
    >IF> > this?

    As others have suggested, one possibility is to set the suid bit for the
    executable, though this does indeed open a security risk, especially if
    you want to make this program accessible through the web.

    >IF> >
    >IF> > I need to have Apache (which runs as wwwrun) execute this code in my cgi
    >-bin
    >IF> > directory. I'm setting this up so when someone clicks on a bar
    >IF> > on the webpage, it pulls in a relay.

    I am not very clear on CGI programming, but I think that if the suid bit is
    set on the program, and the wwwrun user is able to execute it, this should
    just work. Consider the security risk again.

    >IF>
    >IF> suid-bit? -> http://www.linuxgeek.net/index.pl/suid
    >
    >Better: chown/chmod of /dev/lp?

    Please correct me if I am wrong, but does not the use of the /dev/lp? files
    imply that the parallel port has some device connected to it that is able
    to communicate with the parport driver? I.e., you cannot use it to simply set
    the data lines high. Or, at least I have not been able to do a
    "cat > /dev/lp0"
      Another possibility is writing to /dev/port after a suitable lseek, but
    it seems that at least in the latest kernels /dev/port access is root only,
    with the filesystem permissions being ignored.

    >The suid-bit is seriously *dangerious*. All it takes is a silly
    >buffer-overrun bug and a seriously clever cracker and your system is
    >trashed.
    >
    >Changing the ownership and/or protection of a file in /dev is far
    >safer.

    [...]

    This advice is seconded in general. However, what file in /dev can I set
    permissions on so as to permit a normal user to set the parallel port data
    lines?

    Regards,
    Gora

    -- To unsubscribe, send mail to: linux-parport-request@torque.net --
    -- with the single word "unsubscribe" in the body of the message. --



    This archive was generated by hypermail 2b29 : Mon Jan 27 2003 - 23:48:58 EST