Unable to open /dev/io
Earlier, I had asked a question on how to write a byte to the parallel port. And Daan Vreeken was kind enough to point me to a litle c-source that uses /dev/io. Unfortunately, as I just found out, when I raise kern.securelevel to 2 (FreeBSD 4.7R), I can no longer open /dev/io for writing. :( That means I can no longer use this method; because there is no way I will allow my production server to run at kern.securelevel lower than 2. Which means I am back to square one. :( Sigh. Is there then no way to write a simple 0 or 1 to the parallel port, without compromizing the security of the server at large? Thanks, - Mark ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Unable to open /dev/io
> > Earlier, I had asked a question on how to write a byte to the parallel port. > And Daan Vreeken was kind enough to point me to a litle c-source that uses > /dev/io. > > Unfortunately, as I just found out, when I raise kern.securelevel to 2 > (FreeBSD 4.7R), I can no longer open /dev/io for writing. :( That means I > can no longer use this method; because there is no way I will allow my > production server to run at kern.securelevel lower than 2. Which means I am > back to square one. :( > > Sigh. Is there then no way to write a simple 0 or 1 to the parallel port, > without compromizing the security of the server at large? Do you really need to set the secure level to 2? What for? jerry > > Thanks, > > - Mark > ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Unable to open /dev/io
- Original Message - From: "Jerry McAllister" <[EMAIL PROTECTED]> To: "Mark" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Sunday, July 27, 2003 1:20 AM Subject: Re: Unable to open /dev/io > > Earlier, I had asked a question on how to write a byte to the parallel > > port. And Daan Vreeken was kind enough to point me to a litle c-source > > that uses /dev/io. > > > > Unfortunately, as I just found out, when I raise kern.securelevel to 2 > > (FreeBSD 4.7R), I can no longer open /dev/io for writing. :( That means > > I can no longer use this method; because there is no way I will allow my > > production server to run at kern.securelevel lower than 2. Which means I > > am back to square one. :( > > > > Sigh. Is there then no way to write a simple 0 or 1 to the parallel > > port, without compromizing the security of the server at large? > > Do you really need to set the secure level to 2? Yes. :) Because, as the man-pages say, "This level precludes tampering with filesystems by unmounting them." Besides, even on securelevel 1 you can no longer open /dev/io for writing. So, that would mean I'd have to drop all the way to securelevel 0; and that is a steep fall. > What for? I may not run the Pentagon, but I maintain certain security standards. :) One of them is, that I do not lower the entire server to "Insecure mode" just so I can side-step a certain problem. If I start taking short-cuts like that, I might as well quit tomorrow. - Mark ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Unable to open /dev/io
On Sun, 27 Jul 2003 07:19, Mark wrote: > Earlier, I had asked a question on how to write a byte to the parallel > port. And Daan Vreeken was kind enough to point me to a litle c-source that > uses /dev/io. > > Unfortunately, as I just found out, when I raise kern.securelevel to 2 > (FreeBSD 4.7R), I can no longer open /dev/io for writing. :( That means I > can no longer use this method; because there is no way I will allow my > production server to run at kern.securelevel lower than 2. Which means I am > back to square one. :( > > Sigh. Is there then no way to write a simple 0 or 1 to the parallel port, > without compromizing the security of the server at large? > I also responded to your original enquiry suggesting that you might also look at accessing the parallel port via /dev/ppi0 which can set the data port using an ioctl() call -- man page ppi(4) I believe this has less restrictions than /dev/io opening the whole device port area. This might circumvent your problem. > Thanks, > > - Mark > Malcolm Kay ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
