kopia lustrzana https://gitlab.com/sane-project/website
74 wiersze
3.5 KiB
HTML
74 wiersze
3.5 KiB
HTML
<!-- received="Thu Oct 8 08:32:25 1998 PDT" -->
|
|
<!-- sent="Thu, 8 Oct 1998 17:23:44 +0200 (MET DST)" -->
|
|
<!-- name="becka@rz.uni-duesseldorf.de" -->
|
|
<!-- email="becka@rz.uni-duesseldorf.de" -->
|
|
<!-- subject="Re: saned - Problem found" -->
|
|
<!-- id="199810081523.RAA19019@sunserver1.rz.uni-duesseldorf.de" -->
|
|
<!-- inreplyto="Pine.LNX.3.95.981008105457.15518A-100000@terry1.acun.com" -->
|
|
<title>sane-devel: Re: saned - Problem found</title>
|
|
<h1>Re: saned - Problem found</h1>
|
|
<a href="mailto:becka@rz.uni-duesseldorf.de"><i>becka@rz.uni-duesseldorf.de</i></a><br>
|
|
<i>Thu, 8 Oct 1998 17:23:44 +0200 (MET DST)</i>
|
|
<p>
|
|
<ul>
|
|
<li> <b>Messages sorted by:</b> <a href="date.html#113">[ date ]</a><a href="index.html#113">[ thread ]</a><a href="subject.html#113">[ subject ]</a><a href="author.html#113">[ author ]</a>
|
|
<!-- next="start" -->
|
|
<li> <b>Next message:</b> <a href="0114.html">Tobias Ernst: "Re: OS/2 ant sane 0.74"</a>
|
|
<li> <b>Previous message:</b> <a href="0112.html">Anthony Mallet: "Strage behavior (MFS-1200SP & sane 0.73)"</a>
|
|
<!-- nextthread="start" -->
|
|
<li> <b>Next in thread:</b> <a href="0121.html">Terry Mackintosh: "Re: saned - Problem found"</a>
|
|
<li> <b>Reply:</b> <a href="0121.html">Terry Mackintosh: "Re: saned - Problem found"</a>
|
|
<!-- reply="end" -->
|
|
</ul>
|
|
<!-- body="start" -->
|
|
Hi !<br>
|
|
<p>
|
|
<i>> Added both read and write for every one, changed the line in inet.conf</i><br>
|
|
<i>> back to nobody.nobody, and all works well.</i><br>
|
|
<p>
|
|
Hmm - this isn't a very good solution, but ...<br>
|
|
<p>
|
|
<i>> So, prehaps there should be a note in the man page for saned that on a Red</i><br>
|
|
<i>> Hat 4.2 box, the permissions on the scsi divice will need to be changed.</i><br>
|
|
<i>> </i><br>
|
|
<i>> Note, the only scsi device I have at this point is the scanner, if one</i><br>
|
|
<i>> also has disks, then I do not know what security ramifications this might</i><br>
|
|
<i>> have.</i><br>
|
|
<p>
|
|
Hmm - well this isn't good. Not even for single device. It depends on how well<br>
|
|
the device in question is designed.<br>
|
|
<p>
|
|
The point is, that you don't need to be afraid of someone accessing other <br>
|
|
devices (except if the hardware in question is a very weird thing that can<br>
|
|
initiate transfers), but that you can do about anything to the "open"<br>
|
|
device that is exposed by the world-rw-able /dev/sg?.<br>
|
|
<p>
|
|
This can cause the device to do about anything, sometimes (with bad devices)<br>
|
|
even things it shouldn't do, like crash, lock the bus, damage its hardware<br>
|
|
(yes, this is possible, if you know the device well - Mustek scanners can<br>
|
|
push the slider too far, many devices can have their firmware reprogrammed,<br>
|
|
so guess what happens if you write garbage in there ...), etc. ...<br>
|
|
<p>
|
|
CU,Andy<br>
|
|
<p>
|
|
<pre>
|
|
--
|
|
Andreas Beck | Email : <<a href="mailto:Andreas.Beck@ggi-project.org">Andreas.Beck@ggi-project.org</a>>
|
|
<p>
|
|
<pre>
|
|
--
|
|
Source code, list archive, and docs: <a href="http://www.mostang.com/sane/">http://www.mostang.com/sane/</a>
|
|
To unsubscribe: echo unsubscribe sane-devel | mail <a href="mailto:majordomo@mostang.com">majordomo@mostang.com</a>
|
|
</pre>
|
|
<!-- body="end" -->
|
|
<p>
|
|
<ul>
|
|
<!-- next="start" -->
|
|
<li> <b>Next message:</b> <a href="0114.html">Tobias Ernst: "Re: OS/2 ant sane 0.74"</a>
|
|
<li> <b>Previous message:</b> <a href="0112.html">Anthony Mallet: "Strage behavior (MFS-1200SP & sane 0.73)"</a>
|
|
<!-- nextthread="start" -->
|
|
<li> <b>Next in thread:</b> <a href="0121.html">Terry Mackintosh: "Re: saned - Problem found"</a>
|
|
<li> <b>Reply:</b> <a href="0121.html">Terry Mackintosh: "Re: saned - Problem found"</a>
|
|
<!-- reply="end" -->
|
|
</ul>
|