In message <[EMAIL PROTECTED]> Hajimu UMEMOTO writes:
: Indeed, I wish to have a method to obtain required information without
: extra privilege. We need safety way.
: Currentry, GKrellM opens /dev/apm with O_RDWR. I just tried to open
: with O_RDONLY and see it is sufficient for APMIO_GETINFO. I'll send
: the change to the author of GKrellM.
It is sufficient for APMIO_GETINFO, but it will introduce a security
hole as the apm ioctls aren't careful enough about their sanity
checking. I've added such sanity checking in my local copy of apm and
will test it tonight when I have access to my laptop.
The holes are introduced by the chmod 664 /dev/apm, not by doing the
open rdonly :-).
If you'll send me a pointer to gkrellm, I'll see about putting it up
on my laptop and making sure that my stuff works with it.
Warner
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
