Re: flexfax: Is root access neccessary to configure

[Nico Kadel-Garcia <raoul@cirl.meei.harvard.edu>]

-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 2 Sep 1999, Tom Tilque wrote:

> Is there a reason other than permission to files that I need root access to
> configure
> hylafax.  My system administrator is having a problem with giving me root.

Umm. HylaFAX has to manipulate the serial lines, and open TCP ports
numbered less than 1024. These both take root permission to run. So
even if it is possible in theory to *configure* as non-root, it
must run as root. Therefore, configuration should also be done
as root to avoid potential security holes.

> I guess
> I the only reason is file permissions why can't I change the perms on all
> the files
> in /usr/local/Hylafax... so that I can access them as another user.

This would be a *stunning* security hole. Don't do it. If you can't
get permission to have root access from your sys-admin, you probably
shouldn't be installing HylaFAX on the machine. Can you get your admin
to do the installation for you, or have him log you in as root and let
you do it with him looking over your shoulder? Can you get a discarded
386 or better, install Linux, and run the HylaFAX on that machine?

			Nico Kadel-Garcia
			Senior Engineer, CIRL 
			Mass. Eye and Ear Infirmary
			raoul@cirl.meei.harvard.edu

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBN86XqD/+ItycgIJRAQHAgAP/cTPDmvj4AYqlLoZ+Bf5iGjJBseQrSLO8
HjjMNF1dbRgmpztXw5OIafU/oIDZjTXILXgg7oxDgq3DJvXJbU4za5WGDC8UaDgt
L0HJh+Yz6HbHMu0/zW2phiX0L9nHVDmddZxp97NHVecQku3t7DPV98EUl8QHz3mq
2f9H8Kz/imE=
=wTSO
-----END PGP SIGNATURE-----