Am Die, 17 Nov 1998 schrieb Chip Grandits:
>A.P. Bell wrote:
>
>> Don't know much about Java. You should temporarily change the permissions on
>> /dev/audio and /dev/dsp to 666 and run your applet -- to ensure that your setuid
>> trick has worked. Also, a method such as play() is likely overriden and so an
>> alternative method like play(<audio_device_name>,...) will likely exist.
>>
>> Again, I don't know anything, just trying to give you some feedback because no
>> one else has thus far.
>>
>> Regards,
>> Andrew Bell
>
> I feel pretty stupid, your idea in fact worked! I guess I've never been bitten by
>a permission
>snafu enough to go right to the beginning. It's funny how people have to tell you
>the obvious
>routes to try.
>
>To be honest I must not really understand permission
>the application appletviewer, which comes with a jdk is really a symlink to a file
>called
>.java_wrapper
># ls -l .java_wrapper
>-r-sr-xr-x 1 root root 3462 Jun 19 01:36 .java_wrapper
>I assumed the 's' in the owner's 'x' spot meant that this executable would execute
>with
>the owner's (i.e. root's) permission. But this wouldn't work until I changed
>/dev/audio to
>chmod 666. (previously it was 660). I guess I don't fully understand.
>Maybe it's something like .java_wrapper invokes a library, and the library has to
>have the
>permission?? Or that 's' doesn't really mean what I think it means??
No. The answer is simple: for security reasons, the suid feature is *DISABLED*
if the file is a shell script. suid only works for applications....
Been there, ........
regards
Wolfgang
