Re: [Libusb-devel] ensure_ep_open()?

[<se...@ar...>]

> 
> I agree with Jasper. I don't have any other "users" of my system except for my
> wife, so I brute-forced it and chown/chmod'ed them by hand, but if it were a
> 'public' PC (in a lab or something) his solution seems more than adequate. We
> already have mechanisms like the above and /etc/fbtab that chown over devices
> to users when they are physically at the console, so these ugen* devices
> shouldn't be that much different.

There is an assumption here that USB devices are only useful when you are
on console, which I would like to avoid.  This is dangerously close to
Microsoft-style thinking.

That being said, I see Jasper's point in that one would want to avoid
having to implement SUID root merely to access /dev/ugen.  However,
putting on my Systems Administrator hat for a moment, I don't think the
solution to this is to 666 the device entries, or chown them to the user.

Instead, I suggest we 660 them, and recommend the creation of a group
(call it "usb" or whatever...the name doesn't matter) to be the group 
owner.  Then, applications that require ugen access through libusb can
be SGID to this group instead of SUID root.  This is much safer, and the
end developer won't have to worry about dropping privs...s/he can hold on to
them throughout the process lifetime.

The install process can be set up to do this, also as suggested, but I
recommend that we make this optional, prompting the suer for it, rather
than mandatory.  Again, this is the SysAdmin in me talking, who prefers
not to have my base OS configuration modified without my consent.

I still am curious, though, as to why ensure_ep_open() exists in 
freebsd.c, but has not been implemented in linux.c.  Is there a reason
for this inconsistency?


Cheers,
-+JLS

-- 
                                \                carpe cavy!
seagull @ aracnet.com            \
http://www.aracnet.com/~seagull   \        (seize the guinea pig!)