...making Linux just a little more fun!
qqq1one @yahoo.com [qqq1one at yahoo.com]
Hi Everyone,
Does anyone remember how Fedora Core 4 let the user specify trusted devices (e.g. eth0, sit0, nlv0) through the system-config-securitylevel tool? That feature seems to have gone away with Core 5. I always liked that feature because it let me open up just the nlv0 device for VPN. With that feature gone, I have to open up a lot more it seems.
Does anyone know of a workaround? Or did the feature just get moved somewhere else? Thanks in advance. Oh, and I did find the ASCI version of the tool, system-config-securitylevel-tui - it knows that eth0 can be set as a trusted device, but that's it. Even when nlv0 is up (as confirmed by ifconfig), system-config-securitylevel-tui only lists eth0 as a device that can be set as trusted.
-- Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Ben Okopnik [ben at linuxgazette.net]
On Tue, May 01, 2007 at 11:24:37PM -0700, qqq1one @yahoo.com wrote:
> Hi Everyone, > > Does anyone remember how Fedora Core 4 let the user specify trusted devices (e.g. eth0, sit0, > nlv0) through the system-config-securitylevel tool? That feature seems to have gone away with > Core 5. I always liked that feature because it let me open up just the nlv0 device for VPN. With > that feature gone, I have to open up a lot more it seems. > > Does anyone know of a workaround? Or did the feature just get moved somewhere else? Thanks in > advance. Oh, and I did find the ASCI version of the tool, system-config-securitylevel-tui - it > knows that eth0 can be set as a trusted device, but that's it. Even when nlv0 is up (as > confirmed by ifconfig), system-config-securitylevel-tui only lists eth0 as a device that can be > set as trusted.
I don't know anything about how Fedora did this, but the traditional way to configure a device so that it can only be accessed by a given group of users is via the permissions mechanism. E.g.,
# addgroup --system trusted # chown root:trusted /dev/foo # chmod 660 /dev/foo # for n in joe jenny jim josie jack jill jeff joy do adduser $n trusted done
-- * Ben Okopnik * Editor-in-Chief, Linux Gazette * http://LinuxGazette.NET *