Return-Path: Subject: Re: [Bluez-users] ciptool setuid From: Marcel Holtmann To: "Nicholas A. Preyss" Cc: BlueZ Mailing List In-Reply-To: <20040430082848.GA30282@gmx.net> References: <200404292230.08106.ach@mpe.mpg.de> <1083278666.4000.130.camel@pegasus> <20040430082848.GA30282@gmx.net> Content-Type: text/plain Message-Id: <1083311786.4000.133.camel@pegasus> Mime-Version: 1.0 Sender: bluez-users-admin@lists.sourceforge.net Errors-To: bluez-users-admin@lists.sourceforge.net List-Unsubscribe: , List-Id: List-Post: List-Help: List-Subscribe: , List-Archive: Date: Fri, 30 Apr 2004 09:56:26 +0200 Hi Nicholas, > > everybody with CAP_NET_ADMIN can create or release a CIP device. > > But with this capability he gains a lot of right about any kind of net > traffic and devices. So I personally think, using sudo with a predefined set of > allowed arguments is a more secure way. I never tried it, but as far as I know you can assign a capability to a specific executable for a specific user. However using sudo is also nice way. Regards Marcel ------------------------------------------------------- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click _______________________________________________ Bluez-users mailing list Bluez-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bluez-users