SuperUser permission for the Driver??
shivaprasad javali
jbsp72 at gmail.com
Thu Jun 26 01:26:42 EDT 2008
Sorry for being naive before. Now I have got rules file in udev which grants
access for my usb driver to detach the usb device from the kernel and my
driver works fine without having to be super user. Thank you so much for all
your suggestions.
But I got one more question for you, now to install the activity and having
it running I have to copy the rules file into /etc/udev/rules.d folder. How
can I do this while installing the activity itself. ( I need to make sure
that when I unzip my activity .xo file the rules file lands in the
/etc/udev/rules.d folder)
On Wed, Jun 25, 2008 at 5:31 PM, Carl-Daniel Hailfinger <
c-d.hailfinger.devel.2006 at gmx.net> wrote:
> On 25.06.2008 08:07, Michael Stone wrote:
> > We have an activity that wants superuser privilege in order to poke
> > kernel memory.
> >
>
> Hello? Please take the poor activity out back and shoot it. No activity
> has any business poking kernel memory.
>
> > The real questions we should be attempting to address here include:
> >
> > * Who is granting privilege to this activity?
> >
>
> Everybody who wants to ridicule the security model.
>
> > * How are they doing so?
> >
> > * How should we record the decision?
> >
> > - My tentative answer is that we should store activities with
> > different security properties in well-known directory chains
> > with appropriately restricted write access.
> >
> > * What kinds of abuse are these mechanisms vulnerable to?
> >
> > * Whose responsibility is it to handle the error condition that the
> > human operator does not, him-or-herself posess superuser privilege,
> > e.g. for theft-deterrence reasons?
> >
>
> Just say no.
>
> Having an activity poke kernel memory is a really strong sign that the
> interface is totally broken.
>
> Regards,
> Carl-Daniel
> _______________________________________________
> Devel mailing list
> Devel at lists.laptop.org
> http://lists.laptop.org/listinfo/devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.laptop.org/pipermail/devel/attachments/20080626/7cf0eb61/attachment.html>
More information about the Devel
mailing list