[Fwd: [Poll] Changing permissions on raw1394]
Andrew Hunter
andrew at aehunter.net
Fri Nov 30 00:55:39 GMT 2007
Hartmut Noack wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Andrew Hunter schrieb:
>
>> One of the features that we are considering is changing the permissions
>> on raw1394 /etc/udev/rules.d/40-permissions.rules from disk to audio or
>> video. This is a necessary change currently to enable firewire based
>> devices to work as a regular user, such as firewire sound cards and
>> video cameras.
>
> Video cams also? Quite strange - I can download easily from a
> mini-dv-cam whithout any hassle. First time I mentioned the
> permission-issue was when I used a firewire-soundcard first.
IIRC, it is needed to control the camera via firewire.
>
>
>
>> The other alternative solution is to add the user to group "disk",
>> though this may also cause problems.
>
> I did this and do not have any problems right now - of course I do notdo
> that on a server, it is my Laptop on wich I use the FW-card for mobile
> recording. Seriously: I do not see a realworld useage-scenario, whre
> adding the user to group disk could be a problem....
>
>
>> The issue with this is that it creates a rather large security risk for
>> the system, in that any device on the firewire bus can run with root
>> privileges. This risk is less of an issue for stand-alone machines that
>> do not use Ethernet over firewire,
>
> I never saw a machine using firewire to connect to a network - USB yes
> for stuff like Zaurus but FW?
While uncommon, the support for Ethernet over firewire does exist.
>
>> I would like to stress that it _will not_ be changed by default. All
>> that we are considering is providing a more accessible way to modify
>> those settings.
>
> Very good idea: PLUS: such a tool should allow to set stuff like
> max_user_freq and limits.conf also...
If you have any suggestions for items that you are currently editing by
hand, consider adding them to
https://wiki.ubuntu.com/UbuntuStudio/SettingsApp
>
>
>> In the future, when Ubuntu and by extension Ubuntu Studio move to the
>> new firewire stack in the kernel, this issue will be an non-issue. The
>> new kernel stack provides much finer granularity and control over
>> permissions on specific devices.
>>
>> The question then I am posing to you guys is this: How many of you
>> already change this setting by hand?
>
> I did, be member of group disk now and it works quite OK for me...
>
> bg
> hzn
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFHTvRk1Aecwva1SWMRAgtQAJ98zfQiBVcNXocWDDFAHcKJp/41PgCffjAf
> TnLNZrKMAKqiTNNGWT7mjFo=
> =YwvP
> -----END PGP SIGNATURE-----
>
More information about the Ubuntu-Studio-users
mailing list