While writing a serial-to-html interface for a video A/D converter, I ran into the following problem:
My serial interface was FTDI-based, so it appears as "/dev/ttyUSB0".
Nice, but by default, the access rights for this device are like this:
Even if you change the rights manually, every time you unplug/replug the device, they will be reset to thiscrw-rw---- 1 root dialout 188, 0 2012-03-01 16:10 /dev/ttyUSB0
Although usually, you'd just assign the user to access that device to the group "dialout", in my case I wasn't too comfortable doing so, because I'm accessing the serial device from Apache/PHP. So the user is "www-data". This means that that user would be able to access *any* device, the user "dialout" is allowed to write to. And we're talking about a WEB interface here...
[SOLUTION]
So I've decided to only grant access to /dev/ttyUSB0:
As "udev" is responsible for these access rights, you can simply create a new rule file in /etc/udev/rules.d, called "80-ttyusb.rules" (for example) - with the following content:
Code: Select all
KERNEL=="ttyUSB0", MODE="0666"crw-rw-rw- 1 root dialout 188, 0 2012-03-05 16:01 /dev/ttyUSB0