Pointer & GPC question..._(re)

Fri, 22 Aug 1997 17:48:23 +0200



Orlando Llanes wrote:

> Cool :) Do I have to write a driver or something? Or will libs suffice? Or
> do I even need to worry about the user not being root? suid refers to the
> program? Like Ring 1/2/3 in PMode on Intel for example?
> > From: Peter Gerwinski 
> > Well ... you can use the `/dev/mem' device to directly access memory,
> > ...
> > but then the program needs to be "suid root" to be executed.
> > (In fact this is how `svgalib' accesses video memory.)
 
It means a bit more. Root (and only root, AFAIK) can directly access all
memory and ports, but root also has unlimited access to everything: all
files (i.e. can read/modify/delete any private files of any user), all
processes (i.e. can kill any user's processes), all devices (i.e. can
format hard disks and all these things). So if I were the administrator
of a multi-user system, I wouldn't install any unknown setuid root
program -- that's the disadvantage. I guess it's not taken too
seriously (and therefore not much is done about it) by the Linux developers,
because today, most Linux systems are single-user machines, AFAIK...

(BTW: suid only means that the program runs under the ID and with the
privileges of a certain user (usually, a program has the ID of the user
who started it). So, a suid guest program would get all the privileges of
the guest account, which probably isn't very much. Almost the only
interesting thing is suid root...)

-- 
Frank Heckenbach, Erlangen, Germany
heckenb@mi.uni-erlangen.de
http://home.pages.de/~fjf/links.htm


Frank Heckenbach (heckenb@mi.uni-erlangen.de)
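
An added example, not part of the original message: one way an administrator could act on the concern above is to list every setuid root file on a system and flag those that are not on a reviewed allowlist. The allowlist entries and the default directory are assumptions for illustration.

```python
import os
import stat
import sys

def setuid_owner(st):
    """Return the uid a file would run as if it is setuid, else None."""
    if stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_ISUID:
        return st.st_uid
    return None

def audit(top, known=(), owner=0):
    """List setuid files under `top` owned by `owner` (default: root).

    Returns sorted (path, notes) pairs for files that are not in the
    `known` allowlist or that someone other than the owner can modify.
    """
    known = {os.path.realpath(p) for p in known}
    findings = []
    for dirpath, _dirs, files in os.walk(top):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: judge the file itself, not a symlink target
            except OSError:
                continue  # vanished or unreadable; skip
            if setuid_owner(st) != owner:
                continue
            notes = []
            if os.path.realpath(path) not in known:
                notes.append("not in allowlist")
            if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
                notes.append("writable by group/others")
            if notes:
                findings.append((path, notes))
    return sorted(findings)

if __name__ == "__main__":
    # Assumed allowlist for illustration; a real one comes from the
    # administrator's own inventory of installed packages.
    ALLOWLIST = ["/usr/bin/passwd", "/usr/bin/su"]
    for path, notes in audit(sys.argv[1] if len(sys.argv) > 1 else "/usr/bin", ALLOWLIST):
        print(path, "-", ", ".join(notes))
```
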

HTML conversion by Lluís de Yzaguirre i Maura
Institut de Lingüística Aplicada - Universitat "Pompeu Fabra"
e-mail: de_yza@upf.es