Find the answer to your Linux question:
Results 1 to 6 of 6
Hi all, Can any one give me examples of user processes that are given direct access to I/O ports ? The only example which I know is X-server ,is there ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Sep 2010
    Posts
    6

    Question user processes given direct access to I/O ports


    Hi all,

    Can any one give me examples of user processes that are given direct access to I/O ports ?

    The only example which I know is X-server ,is there any other process ?

  2. #2
    Just Joined!
    Join Date
    Sep 2010
    Posts
    2

    nagios configuration

    hai,
    can any one help me about nagios configuration.At the end of the nagios configuration error will occur the following command /usr/local/nagios/etc/nagios.cfg.



    error:unexpected EOF while looking for matching `"'

  3. #3
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,448
    Quote Originally Posted by menaka View Post
    hai,
    can any one help me about nagios configuration.At the end of the nagios configuration error will occur the following command /usr/local/nagios/etc/nagios.cfg.



    error:unexpected EOF while looking for matching `"'
    Please don't post new/unrelated questions in someone else's thread! Post this to a new thread, please!
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

  4. #4
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,448
    Quote Originally Posted by zodiac View Post
    Hi all,

    Can any one give me examples of user processes that are given direct access to I/O ports ?

    The only example which I know is X-server ,is there any other process ?
    A program that accesses hardware I/O ports has to have root privileges. This is required by the operating system. You can do this if the application (not script) is owned by root and has the setuid bit set. Then, when it is run, it will be as a root process. This is not to be done without careful consideration as it leaves the system vulnerable to malware or just simple coding errors. You will note that the X server, /usr/bin/Xorg, is such an application, owned by root and has the setuid bit enabled.
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

  5. #5
    Just Joined!
    Join Date
    Sep 2010
    Posts
    6

    Question

    normally all I/O goes through the kernel so that it can schedule the operations and prevent processes from stepping on each other isn't it ?.

    Does that mean that all programs with setuid bit set are allowed to slide around the kernel ???

  6. #6
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,448
    A setuid bit with root permissions only allows the application, in user space, to access kernel functions via system calls that can potentially harm the system. Free access to I/O ports is one of those situations. As for "sliding around in the kernel", no this does not allow that. You would need to write a kernel module to do that, and only root has the privileges to add a module to the kernel. However, I suspect that if you enabled the setuid bit on modprobe, then you would be allowing anyone to link any module into the kernel, though I haven't tried that. From the security analysis perspective, it would be an interesting experiment.
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •