2004-03-01 15:48:22

by Thor Egil Skaug

[permalink] [raw]
Subject: [Bluez-users] Socket permissions

When I use the hciconfig, hcitool, etc. applications that depend on
raw-data hci-sockets,
I have to be logged in as root for it to work. If not I get a permission
denied error.

Which files do I have to alter permissions on in order for a normal user
to do this?

I am using Linux 2.4.25, hci_usb + usb-uhci, Belkin USB dongle (CSR).

Thor


-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
_______________________________________________
Bluez-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/bluez-users


2004-03-01 16:17:17

by Marcel Holtmann

[permalink] [raw]
Subject: Re: [Bluez-users] Socket permissions

Hi Thor,

> When I use the hciconfig, hcitool, etc. applications that depend on
> raw-data hci-sockets,
> I have to be logged in as root for it to work. If not I get a permission
> denied error.
>
> Which files do I have to alter permissions on in order for a normal user
> to do this?

there is a limited number of commands and events that are accessable to
everybody. There are no file permissions to change this, because it
depends on CAP_NET_ADMIN rights.

Regards

Marcel




-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
_______________________________________________
Bluez-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/bluez-users

2004-03-01 16:13:34

by Thor Egil Skaug

[permalink] [raw]
Subject: RE: [Bluez-users] Socket permissions

>I did
># chown root hciconfig
># chmod 4711 hciconfig
>
>which sets that program setUID root. This should solve that problem,
but setting programs setuid root *could* cause a problem for security.
Since all my bluez stuff is on a laptop that's rarely online, the risk
is negligible for me.
>
>-t.

Thanks, but this is not what I meant. The application that I am writing
(using raw-data hci sockets) should not require any
different permissions or owner. What I am looking for is a way to let a
normal user run my application that has normal permissions and
open a BlueZ hci socket.

An example is using the serial port in an application. To allow users to
run such a program, one would have to set permissions
on /dev/ttyS*.

Thor


-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
_______________________________________________
Bluez-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/bluez-users

2004-03-01 16:00:27

by TM

[permalink] [raw]
Subject: Re: [Bluez-users] Socket permissions

I did
# chown root hciconfig
# chmod 4711 hciconfig

which sets that program setUID root. This should solve that problem, but setting programs setuid root *could* cause a problem for security. Since all my bluez stuff is on a laptop that's rarely online, the risk is negligible for me.

-t.

Thor Egil Skaug wrote:
> When I use the hciconfig, hcitool, etc. applications that depend on
> raw-data hci-sockets,
> I have to be logged in as root for it to work. If not I get a permission
> denied error.
>
> Which files do I have to alter permissions on in order for a normal user
> to do this?
>
> I am using Linux 2.4.25, hci_usb + usb-uhci, Belkin USB dongle (CSR).
>
> Thor
>
>
> -------------------------------------------------------
> SF.Net is sponsored by: Speed Start Your Linux Apps Now.
> Build and deploy apps & Web services for Linux with
> a free DVD software kit from IBM. Click Now!
> http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
> _______________________________________________
> Bluez-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/bluez-users



-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
_______________________________________________
Bluez-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/bluez-users