[plug] 4 Port serial cards, mgetty etc etc
Matt Kemner
zombie at wasp.net.au
Thu Sep 7 11:41:24 WST 2000
On Thu, 7 Sep 2000, Earnshaw, Mike wrote:
> If I follow your suggestion and chmod them to 660 that is not the same
> as the distro settings.
Then set them the same as the distro. :)
Debian sets the group to "dialout" and chmods them to "660" so you can add
people that need to be able to dial _out_ of the box to the dialout group.
> Thinking this through if I had connected a modem to S[0-3] it would not
> have worked for anyone but root
Not true. Even with mode 660 it would only "work" for people in the
specified (in this case tty) group, which I would hope are only those
users you trust implicitly - you see you are giving them permission to
access the device directly, which allows them to use any of your modems to
dial _out_ and possibly rack up huge phonebills in the process.
You want to set them up so they are only writable by root (or trusted
users) - and then when someone dials in, the appropriate getty program (ie
mgetty) will chown the device to that user - and as soon as they log out,
chown it back to root.
You can test this theory by looking at eg /dev/tty6 and then going to that
virtual terminal (alt-F6) and logging in as a user, and comparing
ownership & permissions - then logging out and comparing again.
- Matt
More information about the plug
mailing list