From - Wed Nov 27 12:34:00 1996 Path: news.unizar.es!news.rediris.es!news.belnet.be!news-dc.gsl.net!news.gsl.net!news-penn.gsl.net!news.gsl.net!news-stkh.gsl.net!news.gsl.net!news-peer.gsl.net!news.gsl.net!swrinde!ihnp4.ucsd.edu!info.ucla.edu!nnrp.info.ucla.edu!news.bc.net!rover.ucs.ualberta.ca!mongol.sasknet.sk.ca!canopus.cc.umanitoba.ca!zeno.ibd.nrc.ca!roberson From: roberson@zeno.ibd.nrc.ca (Walter Roberson) Newsgroups: comp.sys.sgi.admin Subject: Re: Indy Audio devices and security Date: 26 Nov 1996 06:19:51 GMT Organization: National Research Council Canada Lines: 34 Message-ID: <57e267$5bm@canopus.cc.umanitoba.ca> References: <1996Nov18.144522.42396@ucl.ac.uk> NNTP-Posting-Host: zeno.ibd.nrc.ca In article <1996Nov18.144522.42396@ucl.ac.uk>, Martin Jones wrote: :Hi - well, we have a practical joker here who's annying people by playing :sounds on their indys. :Is there any "normal" way to prevent anyone but the person on the console :from accessing the speaker? :My best guess is change the XDM login stuff to check if the guy is logging :onto the console, and then change the ownership of the appropriate device :file, having earlier set the permissions to 644. :Any better ideas ? if not which device should I be playing with - I thought it :would be /dev/audio, but that doesn't appear to do the trick. Here's a security extract from wpaul@ctr.columbia.edu (Bill Paul) in <4hfbat$4er@sol.ctr.columbia.edu>: |From /usr/lib/X11/xdm/Xstartup (run at login): | |# |# Set permissions so that people can't spy on the console user |# |chown $USER /dev/audio /dev/hdsp/* /dev/video /dev/vid /dev/dmrb |chmod 600 /dev/audio /dev/hdsp/* /dev/video /dev/vid /dev/dmrb | |From /usr/lib/X11/xdm/Xreset (run at logout): | |# Don't let people abuse the video/audio devices via remote control |chown root /dev/audio /dev/hdsp/* /dev/video /dev/vid /dev/dmrb |chmod 600 /dev/audio /dev/hdsp/* /dev/video /dev/vid /dev/dmrb -- Walter Roberson roberson@ibd.nrc.ca NFS -- putting the 'cult' in 'occult'