Re: [opencbm-user] Errors compiling opencbm on Linux.

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hello,

* On Sun, Nov 04, 2007 at 01:53:31PM +0100 Wolfgang Moser wrote:

> > In fact, it is exactly the way it was expected to work. I see, this
> > shoujld be better documented. In fact, I totally forgot about this
> > myself.
> 
> I don't know anything about the concepts of users and
> groups regarding Linux kernel drivers, but isn't it
> possible to declare more than one user and/or group to
> have specific access modes for the driver?

With the "traditional" user right in unixoid machines, this is not
possible. You always have rights for the owner, the group, and all. Note
that it is *the* group; it is always exactly one group.

Normally, if you want to restrict to specific users, you create a new
group and add all the users you want to be able to use that into that
group. Having said this, I do not think it is a good idea to do this
automatically from the installation of OpenCBM. It might be better to
just let the user decide if he wants another group or not.

I could document this possibility and link to somewhere external, so
people can adjust this to their own needs.

Now, I do *not* want to open the OpenCBM driver to everyone from a
security perspective.

> That way Luca could list every single user that is
> allowed to have access to the cbm module. Not that I
> would recommend that here, but worth to be documented,
> if this is a possible option.

To be able to do this on a per-user base, you need ACL (access control
lists). Normally, Linux distributions do not include this patch, and
most unixoid system do not support this out-of-the-box, either.

Creating an own group, however, is an option here.

Regards,
   Spiro.

-- 
Spiro R. Trikaliotis                              http://opencbm.sf.net/
http://www.trikaliotis.net/                     http://www.viceteam.org/