On Oct 07, Frederic Crozat <fcrozat@xxxxxxxxxxxx> wrote: > > - setgid programs like gammu for dialout : no action for users needed > > but any user (even without console privilege) will gain access to those > > devices On Debian systems, pppd is suid root and only executable by group dip (which historically controls the ability to dial out), while uucico is sgid dialout but is in a directory not accessible by unpriviledged users. cu and minicom do not have special permission. If a program can output user-controllable strings to the console then you can as well add the user to group dialout without a significant security risk. -- ciao, Marco
Attachment:
signature.asc
Description: Digital signature
