Re: flexfax: faxsetup on Linux (bug in moduser?)

[Nico Garcia <raoul@cirl.meei.harvard.edu>]

-----BEGIN PGP SIGNED MESSAGE-----

On Mon, 10 Nov 1997, Carsten Hoeger wrote:

> On Mon, 10 Nov 1997, Nico Garcia wrote:
> 
> > On Mon, 10 Nov 1997, Carsten Hoeger wrote:
> > 
> > > Another point is, that the uid of uucp and fax has to be the same. That's
> > > not a very good solution. We changed this and put uucp and fax in the same
> > > group. That works...
> > 
> > Ummm. This is not ideal. Dial-up lines and lock files are normally
> > owned by the calling process, UUCP or HylaFAX. Using the same group
> > for the uucp/fax users should only work if the lock files are left
> > with group write permission, and the serial lines left owned by that
> > user. I'd want to think about that before doing it.
> 
> Why not rw-permissions for the 'dialin' groups lock-files?
> Do you think that this may be a security hole?

That's why I'd have to think about it. It requires the addition and
manipulation of a group permission, an otherwise unnecessary feature.
It also means that every other program in the universe, such as PPP,
minicom, and commercial packages would need to comply with a new
standard. They'd also have to be careful not to alter the permissions
when they exit their programs, leaving them at this new standard
rather than the classic "crw------- uucp uucp" permissions and
ownership.

It's feasible: is it *worth* it, and what else will it break?

			Nico Garcia
			Engineer, CIRL 
			Mass. Eye and Ear Infirmary
			raoul@cirl.meei.harvard.edu

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBNGdNez/+ItycgIJRAQEu8AP/SJ6GSCWRxoLUdjsQx3Q/TkRfqbFxfYjo
zzxWptueFcebCNv+aqItxyox3MGe1ziUxqUp1MIHyxl4EimXqxbqQkfU7TrxSBlr
1+BSUxKeb5JyGlsZb67YrbJK/B5HjfyZ6pQVoWK9Xc5OfveDNwvE+nyuQwZoMHSy
M3VpllflyjM=
=Egqt
-----END PGP SIGNATURE-----