Robert Heller writes:
> Ingo Flaschberger <firstname.lastname@example.org>,
> In a message on Tue, 28 Jan 2003 01:59:15 +0100 (MET), wrote :
>IF> > Now, I have two more problems:
>IF> > Gora - what you said is correct; I have to be root to get your program t
>IF> > work. Otherwise, I get a "segmentation fault" error. How can I get aro
>IF> > this?
As others have suggested, one possibility is to set the suid bit for the
executable, though this does indeed open a security risk, especially if
you want to make this program accessible through the web.
>IF> > I need to have Apache (which runs as wwwrun) execute this code in my cgi
>IF> > directory. I'm setting this up so when someone clicks on a bar
>IF> > on the webpage, it pulls in a relay.
I am not very clear on CGI programming, but I think that if the suid bit is
set on the program, and the wwwrun user is able to execute it, this should
just work. Consider the security risk again.
>IF> suid-bit? -> http://www.linuxgeek.net/index.pl/suid
>Better: chown/chmod of /dev/lp?
Please correct me if I am wrong, but does not the use of the /dev/lp? files
imply that the parallel port has some device connected to it that is able
to communicate with the parport driver? I.e., you cannot use it to simply set
the data lines high. Or, at least I have not been able to do a
"cat > /dev/lp0"
Another possibility is writing to /dev/port after a suitable lseek, but
it seems that at least in the latest kernels /dev/port access is root only,
with the filesystem permissions being ignored.
>The suid-bit is seriously *dangerious*. All it takes is a silly
>buffer-overrun bug and a seriously clever cracker and your system is
>Changing the ownership and/or protection of a file in /dev is far
This advice is seconded in general. However, what file in /dev can I set
permissions on so as to permit a normal user to set the parallel port data
-- To unsubscribe, send mail to: email@example.com --
-- with the single word "unsubscribe" in the body of the message. --
This archive was generated by hypermail 2b29 : Mon Jan 27 2003 - 23:48:58 EST