From owner-freebsd-security Sat Nov 15 17:06:00 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id RAA08157 for security-outgoing; Sat, 15 Nov 1997 17:06:00 -0800 (PST) (envelope-from owner-freebsd-security) Received: from milf18.bus.net (milf18.bus.net [207.41.25.18]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id RAA08149 for ; Sat, 15 Nov 1997 17:05:52 -0800 (PST) (envelope-from cao@bus.net) Received: from localhost (cao@localhost) by milf18.bus.net (8.8.5/8.8.5) with SMTP id UAA07459 for ; Sat, 15 Nov 1997 20:05:44 -0500 (EST) X-Authentication-Warning: milf18.bus.net: cao owned process doing -bs Date: Sat, 15 Nov 1997 20:05:44 -0500 (EST) From: "Chuck O'Donnell" Reply-To: "Chuck O'Donnell" To: freebsd-security@freebsd.org Subject: permissions and /dev/speaker Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk If this is not an appropriate place for this question, please let me know. I would like to write to /dev/speaker from a CGI script to sound the speaker on a web server. I use the Apache http server compiled from sources and run under the user "nobody". The web server has multiple logins. By default, permissions on /dev/speaker are: crw------- 1 root wheel 26, 0 Nov 15 18:00 /dev/speaker I was thinking of creating a "speaker" user/group and placing the httpd user in that group, setting permissions as follows: crw-rw---- 1 root speaker 26, 0 Nov 15 18:00 /dev/speaker or bypassing the creation of the new user/group and using: crw-rw-rw- 1 root wheel 26, 0 Nov 15 18:00 /dev/speaker Is anyone aware of any potential problems or holes that may arise from this? Thoughts and suggestions are welcome. Thank you. Regards, Chuck O'Donnell