You can find more information about the setup of EPSON parallel port scanners on Christian Bucher’s web site.
It is necessary to run the frontend as “root” user when a parallel port scanner will be accessed. The reason for this is that the IO ports that the backend has to control can only be accessed as “root”.
It is not neccessary to actually run the frontend as root, there are two ways this can be avoided:
When the setuid bit is set for an executable, the operating system will automatically change the user id to the owner of the executable when it is run. This means that when the owner of the frontend executable (e.g. xscanimage) is root and this bit is set, a parallel port scanner can be used. You can change the setuid bit using these commands (both of them have to be run as root):
chown root xscanimage chmod 4755 xscanimage
I would however not recommend this because it causes another security problem. Do this only is you are not very concerned about the security of your system (e.g. you are the only user, it is not connected to a network, you like to walk a high rope without a net)
Net Backend / Saned
When the scanner is not accessed directly, but via the net backend, it is possible to to run the saned daemon as root so that the backend that gets started by saned will also run as root. This allows a normal user to scan via the net backend. Please read the saned man page for more information about how to setup the net backend. Even though the man page discourages to use ‘root’ as user ID, in this case you have to do it, otherwise the backend will not be able to access the scanner.