[fpc-devel] Linux kernel behaviour change regarding keyboard
Daniël Mantione
daniel.mantione at freepascal.org
Wed Jul 18 20:52:35 CEST 2007
Op Wed, 18 Jul 2007, schreef Michael Van Canneyt:
> On Wed, 18 Jul 2007, Ales( Katona wrote:
> =
> > Why? You have your good ol' PING doing it. I agree tho that if a wrapper
> > can do it for us it's safest. Or if the ide can do it on start, and
> > always setuid(userid) itself right after setting the proper things. I
> > don't see a problem with ANY program being setuid if it has a proper
> > reason, and is audited for it.
> > =
> > But as I sayed a wrapper, of if there's a non-setuid way then of course
> > that should be used.
> =
> Under the assumption a setuid root program is the only possible option:
> =
> The safest - and in my opinion only correct - way is to write a small set=
uid =
> root program which sets the proper TTY stuff, and then executes the IDE a=
s =
> the normal user.
> =
> The program can easily be audited, as it'll be maybe 50 lines of code...
If the user switches VT, the keyboard needs to be unpatched. So this =
approach won't fully work. However, a solution that can work is to make =
the keyboard unit execute a setuid root helper to which it communicates =
through a pipe.
Dani=EBl
More information about the fpc-devel
mailing list