<!-- received="Sun Nov 21 18:21:18 1999 PST" -->
<!-- sent="Mon, 22 Nov 1999 02:15:43 +0000" -->
<!-- name="Bob van der Poel" -->
<!-- email="bvdpoel@uniserve.com" -->
<!-- subject="Re: GIMP/SANE PERMISSIONS" -->
<!-- id="" -->
<!-- inreplyto="GIMP/SANE PERMISSIONS" -->
<title>sane-devel: Re: GIMP/SANE PERMISSIONS</title>
<h1>Re: GIMP/SANE PERMISSIONS</h1>
<b>Bob van der Poel</b> (<a href="mailto:bvdpoel@uniserve.com"><i>bvdpoel@uniserve.com</i></a>)<br>
<i>Mon, 22 Nov 1999 02:15:43 +0000</i>
<p>
<ul>
<li> <b>Messages sorted by:</b> <a href="date.html#208">[ date ]</a><a href="index.html#208">[ thread ]</a><a href="subject.html#208">[ subject ]</a><a href="author.html#208">[ author ]</a>
<!-- next="start" -->
<li> <b>Next message:</b> <a href="0209.html">Douglas Gilbert: "Re: GIMP/SANE PERMISSIONS"</a>
<li> <b>Previous message:</b> <a href="0207.html">Larry Snyder: "Re: Problem with SANE and SCSI scanner"</a>
<li> <b>Maybe in reply to:</b> <a href="0131.html">David McCormick: "GIMP/SANE PERMISSIONS"</a>
<!-- nextthread="start" -->
<li> <b>Next in thread:</b> <a href="0209.html">Douglas Gilbert: "Re: GIMP/SANE PERMISSIONS"</a>
<!-- reply="end" -->
</ul>
<!-- body="start" -->
Douglas Gilbert wrote:<br>
<i>> </i><br>
<i>> Oliver Rauch wrote:</i><br>
<i>> ></i><br>
<i>> > Bob van der Poel wrote:</i><br>
<i>> ></i><br>
<i>> > > What I did was to make xsane SUID. This leaves its own problems....</i><br>
<i>> ></i><br>
<i>> > Hi Bob,</i><br>
<i>> ></i><br>
<i>> > I don't think this is much better.</i><br>
<i>> ></i><br>
<i>> > I suggest to create a group "sane" or "scanner" and</i><br>
<i>> > make the relevant /dev/sg? device that group and mode 660</i><br>
<i>> </i><br>
<i>> I'm working on an additional interface to the Linux sg</i><br>
<i>> driver which allows 2 ways to talk to the SCSI device:</i><br>
<i>> 1) write() request then read() response [existing method]</i><br>
<i>> 2) an ioctl() call SG_IO that has a similar effect</i><br>
<i>> </i><br>
<i>> Now 2) is new (for Linux) and will make for simpler interface</i><br>
<i>> code and allow for more flexible sg device permissions.</i><br>
<i>> [ Method 1) is staying for backward compatibility, polling,</i><br>
<i>> asynchronous notification and multi-threaded work.]</i><br>
<i>> </i><br>
<i>> Now the sg device driver can do nothing about write</i><br>
<i>> permissions being needed for method 1) because it involves</i><br>
<i>> a write() system call. Method 2) doesn't have this restriction</i><br>
<i>> but some care is needed. It is probably not a good idea to</i><br>
<i>> let a user with only read permissions to a SCSI disk send</i><br>
<i>> a WRITE or a FORMAT command to it. The logic for the</i><br>
<i>> SG_IO ioctl() at the moment looks at the SCSI device type</i><br>
<i>> (e.g. scanner, disk etc) and the SCSI command code. In the</i><br>
<i>> case of a scanner it lets all SCSI commands through. Is this</i><br>
<i>> a good idea or should some SCSI commands to a scanner be</i><br>
<i>> restricted if a user does not have write permissions?</i><br>
<i>> </i><br>
<i>> Doug Gilbert</i><br>
<p>
I'm not an expert on permissions, etc. But... what you are doing sounds<br>
dangerous to me. I'd just leave the thing alone and let the user worry<br>
about one of many ways to access the device with read/write:<br>
<p>
SUID Root<br>
Run as root<br>
change the permissions on /dev/sg?<br>
set a group, sane, with read/write permissions<br>
<p>
I guess the advantage to running through ioctl() is that the user doesn't<br>
need to worry about setting permissions. But, in this case wouldn't ALL<br>
users get permission to use the scanner? Or even, not USE it, but write<br>
to it (which might be even more dangerous?).<br>
<p>
<p>
__<br>
/ ) / Bob van der Poel<br>
/--< ____/__ <a href="mailto:bvdpoel@uniserve.com">bvdpoel@uniserve.com</a><br>
/___/_(_) /_) <a href="http://users.uniserve.com/~bvdpoel">http://users.uniserve.com/~bvdpoel</a><br>
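<p>
The question raised in this thread, which SCSI commands an SG_IO caller without write permission should be allowed to send, can be framed as a per-device-type opcode allowlist. The following is an added example, not part of the original message and not the Linux sg driver's code; the function name sg_io_allowed, the allowlists and the default-deny rule are assumptions chosen for illustration.<br>

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* SCSI peripheral device types, as reported by INQUIRY. */
enum { TYPE_DISK = 0x00, TYPE_SCANNER = 0x06 };
/* Status-only opcodes, allowed read-only on any device type. */
static const uint8_t common_ro[] = { 0x00 /* TEST UNIT READY */, 0x03 /* REQUEST SENSE */,
                                     0x12 /* INQUIRY */, 0x1a /* MODE SENSE(6) */ };
/* Extra opcodes for a read-only opener of a disk. */
static const uint8_t disk_ro[] = { 0x08 /* READ(6) */, 0x25 /* READ CAPACITY(10) */, 0x28 /* READ(10) */ };
/* Extra opcodes for a read-only opener of a scanner: status and data fetch only,
 * not SET WINDOW (0x24), SCAN (0x1b), SEND (0x2a) or OBJECT POSITION (0x31). */
static const uint8_t scanner_ro[] = { 0x25 /* GET WINDOW */, 0x28 /* READ(10) */,
                                      0x34 /* GET DATA BUFFER STATUS */ };

static bool in_list(const uint8_t *list, size_t n, uint8_t op)
{
    for (size_t i = 0; i < n; i++)
        if (list[i] == op) return true;
    return false;
}

/* Hypothetical policy check (an assumption, not the sg driver's code): may this
 * CDB go through SG_IO on a descriptor opened with or without write access? */
bool sg_io_allowed(int dev_type, const uint8_t *cdb, size_t cdb_len, bool can_write)
{
    if (cdb == NULL || cdb_len == 0)
        return false;                 /* malformed request */
    if (can_write)
        return true;                  /* same reach as the write()/read() method */
    if (in_list(common_ro, sizeof common_ro, cdb[0]))
        return true;
    if (dev_type == TYPE_DISK)
        return in_list(disk_ro, sizeof disk_ro, cdb[0]);
    if (dev_type == TYPE_SCANNER)
        return in_list(scanner_ro, sizeof scanner_ro, cdb[0]);
    return false;                     /* unlisted device type: default deny */
}

int main(void)
{
    const uint8_t scan[6] = { 0x1b };                    /* constructed SCAN CDB */
    const uint8_t inquiry[6] = { 0x12, 0, 0, 0, 36, 0 }; /* constructed INQUIRY CDB */
    printf("read-only scanner: SCAN=%d INQUIRY=%d\n",
           sg_io_allowed(TYPE_SCANNER, scan, 6, false), sg_io_allowed(TYPE_SCANNER, inquiry, 6, false));
    return 0;
}
```

Opcode 0x25 appears in both device lists with different meanings, which is why such a check has to look at the device type as well as the command code.<br>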
<!-- body="end" -->