dazuko-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Dazuko-devel] Re: Dazuko device owned by non-root user


From: robert
Subject: [Dazuko-devel] Re: Dazuko device owned by non-root user
Date: Fri, 23 Dec 2005 20:32:14 +0000
User-agent: KMail/1.8.2

On Friday 23 December 2005 16:40, John Ogness wrote:
> In summary, I wouldn't go so far to say that you are courting disaster for
> KlamAV users. But by using a special group with setgid binaries, you would
> be creating an environment that is less prone to problems. A special group
> also allows other non-priveledged Dazuko applications to run on the system
> without requiring that application to run as a specific user.
>

Thank you for such a detailed response John. Unfortunately, an sgid based 
solution may not be practical for KlamAV - since the scanner is currently 
external to KlamAV (i.e. clamd)  and only the source distribution could be 
sure of altering the permissions on the binary at install stage. (Unless I'm 
missing a trick!)

So it does sound that the simplest and safest solution is to access dazuko as 
root - less user friendly, but definitely safer until I figure a good way of 
implementing your recommendation.

Thanks again!

Robert




reply via email to

[Prev in Thread] Current Thread [Next in Thread]