I would say , give them root access. Cause if you don't they
might try to hack it with some weird module, wich _WILL_ work.
And secondly , one typo in a module and yer machine is gone, so its
a playground anyway , so just as well remove the root password totaly.
Nobody of course would try out modules on a production machine :-)
- Erwin
Tomasz Motylewski wrote:
>
> On Fri, 17 Sep 1999, Ramon Costa [iso-8859-1] Castelló wrote:
>
> > Is is necessary to be the root ? (these introduces
> > several difficulties to me, because everybody needs
> > to know the root's passwd)
>
> insmod requires superuser priviledges. You can achieve that making this
> binary SUID.
>
> pc-1074:/sbin# cd /sbin
> pc-1074:/sbin# ls -l insmod
> -rwxr-xr-x 1 root root 30912 Sep 9 02:45 insmod
> pc-1074:/sbin# chmod o-rx insmod
> pc-1074:/sbin# chmod u+s insmod
> -rwsr-x--- 1 root root 30912 Sep 9 02:45 insmod
>
> In this was everyone in group root would be able to use it.
>
> But please keep in mind that ability to insert any kernel modules is
> equivalent to giving root access to people. Code running in kernel space has
> even more priviledges than any program running as root. There are many
> examples of modules on the net, which inserted give certain users root.
>
> So there is no good solution to your problem. Programming in the kernel is
> like programming under DOS - no protection.
>
> Best regards,
> --
> Tomek
>
> --- [rtl] ---
> To unsubscribe:
> echo "unsubscribe rtl" | mail [EMAIL PROTECTED] OR
> echo "unsubscribe rtl <Your_email>" | mail [EMAIL PROTECTED]
> ----
> For more information on Real-Time Linux see:
> http://www.rtlinux.org/~rtlinux/
--
Q - S O F T - E N G I N E E R I N G
Rodachtalweg 11, 81549 Muenchen, Germany
Erwin Rol (Software Engineer) phone: +49-89-68050051
[EMAIL PROTECTED] fax : +49-89-68050052
--- [rtl] ---
To unsubscribe:
echo "unsubscribe rtl" | mail [EMAIL PROTECTED] OR
echo "unsubscribe rtl <Your_email>" | mail [EMAIL PROTECTED]
----
For more information on Real-Time Linux see:
http://www.rtlinux.org/~rtlinux/
