Orlando Llanes wrote:
Cool :) Do I have to write a driver or something? Or will libs suffice? Or do I even need to worry about the user not being root? suid refers to the program? Like Ring 1/2/3 in PMode on Intel for example?
From: Peter Gerwinski peter@agnes.dida.physik.NO-SPAM-PLEASE.de
Well ... you can use the `/dev/mem' device to directly access memory, ... but then the program needs to be "suid root" to be executed. (In fact this is how `svgalib' accesses video memory.)
It means a bit more. Root (and only root, AFAIK) can directly access all memory and ports, but root also has unlimited access to everything: all files (i.e. can read/modify/delete any private files of any user), all processes (i.e. can kill any user's processes), all devices (i.e. can format hard disks and all these things). So if I were the administrator of a multi-user system, I wouldn't install any unknown setuid root program -- that's the disadvantage. I guess it's not taken too seriously (and therefore not done much about it) by the Linux developers, because today, most Linux systems are single-user machines, AFAIK...
(BTW: suid only means that the program runs under the ID and with the privileges of a certain user (usually, a program has the ID of the user who started it). So, a suid guest program would get all the privileges of the guest account, which probably isn't very much. Almost the only interesting thing is suid root...)