[wplug] re: seyon/minicom

[Luquilla Hughes]

My understaning of the situation:
That is the right answer. or you could move the modem to its own group and 
only allow people you want to have access to the modem to the group.

You may harm important files that belong to the uucp group if the file 
permissons allow it. because juan now has control of everything of the 
group.

Minicom seems to operate with the setuid, and everything I have read 
indicates that there is a security hole in Setuid and if at all possible you 
should avoid it. I am not sure if you could really clasify it as "unsafe". I 
hope that a security guru will chime in with the correct answer.

>From: Juan Zuluaga <jz31416 at yahoo.com>
>Reply-To: wplug at wplug.org
>To: wplug at wplug.org
>Subject: [wplug] re: seyon/minicom
>Date: Thu, 18 Jan 2001 22:40:55 -0800 (PST)
>
>I think I found a solution, but I want to ask how
>correct it is:
>As Celine said, looking at the file permissions:
>crw-rw----   1 root     tty        4,  65 Jan  4 22:32
>/dev/ttyS1
>lrwxrwxrwx   1 root     uucp            4 Oct 27  1998
>/dev/modem -> cua1
>crw-rw----   1 root     uucp       5,  65 Jan 19 01:43
>/dev/cua1
>And the user "juan" (me) does not belong to the uucp
>or the tty groups. Then, I wrote
>uucp::14:uucp,juan  in /etc/group
>and now I am happily using my Seyon.
>BUt, is it the right answer? What I am allowing "juan"
>to do? May I harm important files now?
>And does it mean that Minicom is an unsafe program?
>
>__________________________________________________
>Do You Yahoo!?
>Get email at your own domain with Yahoo! Mail.
>http://personal.mail.yahoo.com/
>_______________________________________________
>wplug mailing list
>wplug at wplug.org
>http://www.wplug.org/mailman/listinfo/wplug

_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com