summaryrefslogtreecommitdiff
path: root/system/atarisio/README.Slackware
blob: aabe7090a4687d33caee6acb3d40bcac997fd395 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
Before you can run atariserver or atarixfer, you will need the atarisio
kernel module loaded. If you're dedicating a serial port for use with
atariserver, you can add the following line to /etc/rc.d/rc.modules or
rc.local (as you prefer):

/sbin/modprobe atarisio port=/dev/ttyS0

(Replace ttyS0 if you're using a different serial port, of course)

If you need to use your serial port for other purposes, it's a little
less cut-and-dried. You will have to either manually modprobe and rmmod
the module as needed, or write yourself a script to do the job (possibly
also starting up agetty when the module is unloaded, or SLIP mode if
you're using FujiChat on your Atari, etc etc).

#### READ THIS! ####

By default, atariserver and atarixfer are installed setuid root,
group owner "users". This is done for two reasons: (a) so the programs
can access the /dev/atarisio* devices, and (b) so they can set POSIX
realtime scheduling mode, which prevents timing issues that can cause
SIO frames to be retransmitted or (on a loaded system) dropped.

If run setuid root, atariserver and atarixfer will drop their root
privileges after setting realtime mode and opening the device.
There are no currently known exploits against atarisio, but the code
hasn't exactly been audited by the NSA either.

You have several options here:

1. The default. Simply run the script. On a single-user system, this is
reasonable, though it's the least secure. atariserver and atarixfer will
be setuid root, and runnable by anyone in the users group.

2. Run atariserver and atarixfer setuid root, but restrict access to
some group other than "users". To do this, run the script as:

# SETUID=yes GROUP=wheel ./atarisio.SlackBuild

(replace "wheel" with any other group, as you prefer).
This option is more secure than option 1 and outperforms option 3.

3. Run atariserver and atarixfer as a normal user. This can cause
performance problems, but on most setups it works OK (on some systems,
it may not work at all). To do this, run the script as:

# SETUID=no ./atarisio.SlackBuild

This should be more secure than 1 or 2.

4. Same as 3, but extra paranoid: use a group other than "users" (I like
"wheel", but you could create your own "atarisio" group if you really
want), and be very picky about who you add to the group.

# SETUID=no GROUP=wheel ./atarisio.SlackBuild

Like option 3, this may cause performance problems or prevent the app
from working at all.