Hello Craig, hello all,
> Hamish Moffatt said:
> > On Debian it seems to be installed non-setuid. Although that's a change
> > from the previous ax25-utils I suppose it makes sense -- normal
> > users can't run tcpdump either.
>
> This is kind of a tricky one. Do you make ordinary users be able to
> access listen or do you not? There is plenty of argument for and
> against this approach. I have gone the conservative path and made it
> non-setuid.
>
> If you really what users to use it, then you can either:
> 1) chmod u+s /usr/bin/listen
> 2) Use sudo on it
> 3) Use suidmanager on it.
Since the sockets are only available for programs with root
permissions, this all is clear. But imagine the following situation:
I work with my Linux box in the normal way using some user
account (as it is recommended everywhere).
Of course, I also want to be able to use Packet Radio from this
user account since it doesn't seem to be good to do this from the
root account.
To see who is QRV I need to monitor the QRG, though.
So it seems there must be a solution like the following available to
avoid setting the whole terminal program UID root:
On the socket listens a daemon with UID root that could be started
upon system boot or with sudo or something else to assure its root
permissions. The terminal then must be able to talk to this daemon
to get information about the actual traffic on the QRG.
Is this a suitable approach or do I miss something here?
Cheers
Gerd
