mirror
/
sane-project-website
kopia lustrzana https://gitlab.com/sane-project/website
1
0
Forkuj 0
Kod Zgłoszenia Projekty Wydania Wiki Aktywność
sane-project-website/old-archive/1998-10/0121.html

103 wiersze
5.0 KiB
HTML
Czysty Zwykły widok Historia

Import old-archive/ for static website generation purposes
2018-02-17 07:25:17 +00:00
<!-- received="Thu Oct 8 11:11:52 1998 PDT" -->
<!-- sent="Thu, 8 Oct 1998 14:23:05 -0400 (EDT)" -->
<!-- name="Terry Mackintosh" -->
<!-- email="terry@terrym.com" -->
<!-- subject="Re: saned - Problem found" -->
<!-- id="" -->
<!-- inreplyto="199810081523.RAA19019@sunserver1.rz.uni-duesseldorf.de" -->
<title>sane-devel: Re: saned - Problem found</title>
<h1>Re: saned - Problem found</h1>
<b>Terry Mackintosh</b> (<a href="mailto:terry@terrym.com"><i>terry@terrym.com</i></a>)<br>
<i>Thu, 8 Oct 1998 14:23:05 -0400 (EDT)</i>
<p>
<ul>
<li> <b>Messages sorted by:</b> <a href="date.html#121">[ date ]</a><a href="index.html#121">[ thread ]</a><a href="subject.html#121">[ subject ]</a><a href="author.html#121">[ author ]</a>
<!-- next="start" -->
<li> <b>Next message:</b> <a href="0122.html">Matto Marjanovic: "Re: saned - Problem found"</a>
<li> <b>Previous message:</b> <a href="0120.html">Thomas Kluge: "Re: Mustek ScanExpress 6000 SP"</a>
<li> <b>In reply to:</b> <a href="0113.html">becka@rz.uni-duesseldorf.de: "Re: saned - Problem found"</a>
<!-- nextthread="start" -->
<!-- reply="end" -->
</ul>
<!-- body="start" -->
On Thu, 8 Oct 1998 <a href="mailto:becka@rz.uni-duesseldorf.de">becka@rz.uni-duesseldorf.de</a> wrote:<br>
<p>
<i>&gt; Hi !</i><br>
<i>&gt; </i><br>
<i>&gt; &gt; Added both read and write for every one, changed the line in inet.conf</i><br>
<i>&gt; &gt; back to nobody.nobody, and all works well.</i><br>
<i>&gt; </i><br>
<i>&gt; Hmm - this isn't a very good solution, but ...</i><br>
<p>
OK, I'm listening, what is a better solution?<br>
<p>
This is the first time I have EVER had a scsi device, so I'm not real<br>
familiar with all the in's and out's, the card is an Adaptec 2940 uw, the<br>
scanner is an HP LaserJet 5p, w/ an uw scsi to scsiII adapter cable in the<br>
middle, if all that matters.<br>
<p>
I have a group called 'sys':<br>
[root@home /etc]# grep sys group<br>
sys::3:root,bin,adm<br>
<p>
Should I run the scanner as nobody.sys? Then I could remove the<br>
permissions for the world from /dev/sga, as the group is sys.<br>
<p>
Thanks<br>
Terry<br>
<p>
<i>&gt; &gt; So, prehaps there should be a note in the man page for saned that on a Red</i><br>
<i>&gt; &gt; Hat 4.2 box, the permissions on the scsi divice will need to be changed.</i><br>
<i>&gt; &gt; </i><br>
<i>&gt; &gt; Note, the only scsi device I have at this point is the scanner, if one</i><br>
<i>&gt; &gt; also has disks, then I do not know what security ramifications this might</i><br>
<i>&gt; &gt; have.</i><br>
<i>&gt; </i><br>
<i>&gt; Hmm - well this isn't good. Not even for single device. It depends on how well</i><br>
<i>&gt; the device in question is designed.</i><br>
<i>&gt; </i><br>
<i>&gt; The point is, that you don't need to be afraid of someone accessing other </i><br>
<i>&gt; devices (except if the hardware in question is a very weird thing that can</i><br>
<i>&gt; initiate transfers), but that you can do about anything to the "open"</i><br>
<i>&gt; device that is exposed by the world-rw-able /dev/sg?.</i><br>
<i>&gt; </i><br>
<i>&gt; This can cause the device to do about anything, sometimes (with bad devices)</i><br>
<i>&gt; even things it shouldn't do, like crash, lock the bus, damage its hardware</i><br>
<i>&gt; (yes, this is possible, if you know the device well - Mustek scanners can</i><br>
<i>&gt; push the slider too far, many devices can have their firmware reprogrammed,</i><br>
<i>&gt; so guess what happens if you write garbage in there ...), etc. ...</i><br>
<i>&gt; </i><br>
<i>&gt; CU,Andy</i><br>
<i>&gt; </i><br>
<i>&gt; -- </i><br>
<i>&gt; Andreas Beck | Email : &lt;<a href="mailto:Andreas.Beck@ggi-project.org">Andreas.Beck@ggi-project.org</a>&gt;</i><br>
<i>&gt; </i><br>
<i>&gt; --</i><br>
<i>&gt; Source code, list archive, and docs: <a href="http://www.mostang.com/sane/">http://www.mostang.com/sane/</a></i><br>
<i>&gt; To unsubscribe: echo unsubscribe sane-devel | mail <a href="mailto:majordomo@mostang.com">majordomo@mostang.com</a></i><br>
<i>&gt; </i><br>
<p>
Terry Mackintosh &lt;<a href="mailto:terry@terrym.com">terry@terrym.com</a>&gt; <a href="http://www.terrym.com">http://www.terrym.com</a><br>
sysadmin/owner Please! No MIME encoded or HTML mail, unless needed.<br>
<p>
Proudly powered by R H Linux 4.2, Apache 1.3, PHP 3, PostgreSQL 6.3<br>
-------------------------------------------------------------------<br>
Success Is A Choice ... book by Rick Patino, get it, read it!<br>
<p>
<p>
<pre>
--
Source code, list archive, and docs: <a href="http://www.mostang.com/sane/">http://www.mostang.com/sane/</a>
To unsubscribe: echo unsubscribe sane-devel | mail <a href="mailto:majordomo@mostang.com">majordomo@mostang.com</a>
</pre>
<!-- body="end" -->
<p>
<ul>
<!-- next="start" -->
<li> <b>Next message:</b> <a href="0122.html">Matto Marjanovic: "Re: saned - Problem found"</a>
<li> <b>Previous message:</b> <a href="0120.html">Thomas Kluge: "Re: Mustek ScanExpress 6000 SP"</a>
<li> <b>In reply to:</b> <a href="0113.html">becka@rz.uni-duesseldorf.de: "Re: saned - Problem found"</a>
<!-- nextthread="start" -->
<!-- reply="end" -->
</ul>