Hello Tomi, hello all,
> > So it seems there must be a solution like the following available to
> > avoid setting the whole terminal program UID root:
> >
> > On the socket listens a daemon with UID root that could be started
> > upon system boot or with sudo or something else to assure its root
> > permissions. The terminal then must be able to talk to this daemon
> > to get information about the actual traffic on the QRG.
> >
> > Is this a suitable approach or do I miss something here?
>
> I don't see the need for such an elaborate arrangement, at least if the
> only reason was to replace the current "listen". Listen has no user
> interaction and it should be pretty easy to make sure it has no buffer
> overflows or other security risks. So there really isn't any reason a
> sysop couldn't make it setuid root if he/she wants to. It's just that now
> it isn't setuid root by default.
A thing that should be mentioned in the HOWTO, though.
But I was thinking a little bit further. Packet Radio terminal
programs that want to be able to monitor and show the traffic on
the QRG (similar to let's say Eskay Packet under DOS) have to
open and establish interaction with the same socket as the listen
program.
Since there _is_ user interaction in this scenario one should avoid
making such a beast UID root as a whole. That is the reason for
my above idea.
In another mail Heikki Hannikainen
<[EMAIL PROTECTED]> mentioned setting only
certain program parts UID root since this is
only required to _open_ the socket.
Is this at all possible? Until now, I thought
that only whole programs could be set to run
under UID root.
Bringing a little bit of light into this issue
would be greatly appreciated ;)
Cheers, 73
Gerd