[sane-devel] Saned and root privileges ????

Andrew Goodbody elfringham at gmail.com
Sat Mar 10 17:22:36 UTC 2018



On 10/03/18 11:17, ToddAndMargo wrote:
> On 03/10/2018 03:06 AM, Andrew Goodbody wrote:
>> On 10/03/18 04:59, ToddAndMargo wrote:
>>> On 03/09/2018 12:53 PM, ToddAndMargo wrote:
>>>> Hi All,
>>>>
>>>> Okay, now this is "scary".
>>>>
>>>> Both xsane and Simple Scan work locally.
>>>>
>>>> I can not get saned to work, UNLESS, I edit /etc/group
>>>> and add the following to root
>>>>
>>>> root:x:0:saned
>>>>
>>>> Without it, I get
>>>>
>>>> $ xsane net:localhost:epkowa:interpreter:001:007
>>>> Access to resource has been denied
>>>>
>>>> Now what am I doing wrong?  Must saned have root privileges?
>>>>
>>>> Many thanks,
>>>> -T
>>>
>>> I just caught this:
>>>
>>> $ ps -eo pid,user,group,args --sort user | grep cups
>>>   5005 root     root     /usr/sbin/cupsd -l
>>>
>>> CUPS "is" running as root.  So is it okay to add
>>> saned to root's group?
>>
>> No, of course not, that's a huge security hole. Just because cups does 
>> it is no indication that saned should.
>>
>> The problem could well be that the user saned does not have access to 
>> your scanner. So check that saned is a member of whichever group can 
>> access your scanner device. This may be 'scanner'.
>>
>> Andrew
> 
> find /dev -iname \*scanner\*
> <nothing>

Please keep this on the list.

What do the commands

lsusb -s 001:007

and

ls -l /dev/bus/usb/001/007

return?

Andrew



More information about the sane-devel mailing list