[Xastir] Trap for Young and Old

David A Aitcheson david.aitcheson at gmail.com
Mon Jun 23 10:53:26 EDT 2014 

On 06/23/2014 06:36 AM, Liz wrote:
> On Wed, 18 Jun 2014 21:31:29 -0700 (PDT)
> "Curt, WE7U" <curt.we7u at gmail.com> wrote:
>
>> On Wed, 18 Jun 2014, Jason KG4WSV wrote:
>>
>>> On Wed, Jun 18, 2014 at 2:00 PM, Curt, WE7U <curt.we7u at gmail.com>
>>> wrote:
>>>> Xastir does this, but would you want to trust security of your
>>>> system to a bunch of hobbyists?  ;-)
>>> 'cause that's not something linux users are familiar with. :|
>> I think we might have more of a lack of security-trained Linux people
>> on our development team...
>>
>>
>>>> Technically it isn't a problem:  The AX.25 networking port is
>>>> implemented similarly to ethernet ports in terms of permissions.
>>>>
>>>> For Xastir to be able to access the port, it needs root privileges.
>>> So you can't just chmod 666 /dev/ax25 (or whatever) so that xastir
>>> can access it running as joe user?
>> I would think that would work as well, so one would need to tweak the
>> udev scripts perhaps.  I'm no expert on that, having only hacked on
>> them a few times myself for other reasons.  This would be a bit more
>> difficult for a newbie to figure out and hack on any given system.
>> There may be details that change from OS to OS and from version to
>> version.  Worth a shot though as an alternate method.
>>
> Got caught with the same problem this Sunday.
> For Debian packaging it would be possible to insert a question into the
> post-install script to ask if you want xastir set with permissions 4755
> - or whatever other solution is determined as best for the problem.
>
> I'm not sure how the calife or chiark-really alternates to sudo would
> be better than the current system.
>
> Liz
> VK2XSE
> _______________________________________________
> Xastir mailing list
> Xastir at lists.xastir.org
> http://xastir.org/mailman/listinfo/xastir

It depends how one sets the options in the config files; you can set
certain programs to automatically be "sudo'd" without additional
entering of a password. Me I just let them run and make me a semi-root
user, that way I don't have to risk typing in a password when
"nefarious" eyes are about.

Dave
KB3EFS

-- 
David A Aitcheson david.aitcheson at gmail.com Go Green! Print this email
only when necessary.

More information about the Xastir mailing list