Re: [Discuss-gnuradio] non root access to usrp2 on Fedora 10


From: Chris Albertson
Subject: Re: [Discuss-gnuradio] non root access to usrp2 on Fedora 10
Date: Tue, 2 Dec 2008 16:49:52 -0800

>> For the foreseeable future, all USRP2 access must run as root.  You
>> could use suid (dangerous) or sudo (maybe a little less dangerous)
>> to allow non-root users to execute stuff as root, but it is always a
>> security risk to allow non-root users to execute
>> unstable/development code as root.  Another option might be to use
>> some sort of virtualization to give root access only on a virtual
>> machine and not the host OS; I believe that would work in vmware
>> with a bridged ethernet interface, but I'm not sure about other
>> virtualization tools.

I don't think the raw packets would be routable on the virtual Ethernet.

Logging in and running as root is actually more of a risk than is suid.

In both cases the SDR process runs as uid=0 but in the case of a root
login every process runs with uid=0.  Better to just set the one
trusted process as suid.

The best option would be to use UDP on the Ethernet connection; then
the problem would just go away.  But then there is the problem of
reduced bandwidth and the larger code in the USRP.

A compromise I've seen is a "hack".  We call it "blindly blasted UDP".
You write a special-case network stack that only works on a
point-to-point Ethernet.  You don't even check for collisions at the
Ethernet level.
The UDP headers are fixed compile-time constants.  With this kind of
stack you get near wire-speed bandwidth and very small code space.  So
much of a conventional stack is queueing and retry and error handling.
This hack leaves all of that stuff out.

This was used in a small AVR microcontroller.  The application
sampled a sensor and then sent the value via UDP, one UDP packet per
sensor readout in a fast loop.

A device sending "blindly blast UDP" would take down a normal network,
or a switch would disconnect it, so it could only be used on a
point-to-point wired network.  But the advantage is that being UDP you
don't need special software on the computer to get the data.
-- 
=====
Chris Albertson
Redondo Beach, California
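
The fixed-header sender described in the message above, as an added example (not code from the original post or from the USRP2 project). It builds one Ethernet/IPv4/UDP frame per sensor reading from a constant template; the MAC addresses, IP addresses, port 5000 and the 2-byte payload are assumptions chosen for illustration, and the frame is only built in memory, not transmitted.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define PAYLOAD_LEN 2                        /* one 16-bit reading per packet */
#define HDR_LEN     (14 + 20 + 8)            /* Ethernet + IPv4 + UDP         */
#define FRAME_LEN   (HDR_LEN + PAYLOAD_LEN)  /* pad to 60 bytes before the wire */

/* Constructed template: every address and port here is a placeholder. */
static const uint8_t frame_template[FRAME_LEN] = {
    /* Ethernet: dst MAC, src MAC, EtherType 0x0800 (IPv4) */
    0x02,0,0,0,0,0x01,  0x02,0,0,0,0,0x02,  0x08,0x00,
    /* IPv4: ver/IHL, TOS, total length 30, id, flags/frag, TTL 64, proto 17 */
    0x45,0x00, 0x00,0x1e, 0x00,0x00, 0x00,0x00, 0x40,0x11,
    0xe5,0x7b,                 /* header checksum, precomputed offline        */
    192,168,10,2,              /* source address (assumed)                    */
    192,168,10,1,              /* destination address (assumed)               */
    /* UDP: src port 5000, dst port 5000, length 10,
       checksum 0 = "not computed", which IPv4 permits */
    0x13,0x88, 0x13,0x88, 0x00,0x0a, 0x00,0x00,
    0, 0                       /* payload slot, patched per packet            */
};

/* RFC 1071 one's-complement sum; returns 0 over a header whose
   checksum field is already correct. */
uint16_t ip_checksum(const uint8_t *hdr, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += ((uint32_t)hdr[i] << 8) | hdr[i + 1];
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Copy the constant headers and patch in the reading. Because the
   payload length never changes and the UDP checksum is zero, no
   header byte has to be recomputed at run time. */
size_t build_frame(uint8_t out[FRAME_LEN], uint16_t reading)
{
    memcpy(out, frame_template, FRAME_LEN);
    out[HDR_LEN]     = (uint8_t)(reading >> 8);   /* network byte order */
    out[HDR_LEN + 1] = (uint8_t)(reading & 0xff);
    return FRAME_LEN;
}
```

On the receiving computer these frames arrive as ordinary UDP datagrams, so an unprivileged process with a bound UDP socket can read them without a raw socket or root.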



