| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 29 Nov 2007 22:07:46 +0100
From: Bartlomiej Zolnierkiewicz <bzolnier@...il.com>
To: "Kay Sievers" <kay.sievers@...y.org>
Cc: "Dan Kegel" <dank@...el.com>,
"Xavier Bestel" <xavier.bestel@...e.fr>,
Andrey Borzenkov <arvidjaar@...l.ru>,
linux-kernel@...r.kernel.org
Subject: Re: Relax permissions for reading hard drive serial number?
On Thursday 29 November 2007, Kay Sievers wrote:
> On Nov 29, 2007 4:46 PM, Dan Kegel <dank@...el.com> wrote:
> > On Nov 29, 2007 7:37 AM, Xavier Bestel <xavier.bestel@...e.fr> wrote:
> > > > One sticking point is that apps like Photoshop and probably
> > > > Punkbuster want to retrieve the hard drive's serial number
> > >
> > > So they can't be installed on a network drive ?
> >
> > I think Adobe supports that, though perhaps not with the
> > retail version. Big companies with network drives are
> > probably an important revenue source for them.
> >
> > I haven't looked closely at what happens when you try installing
> > onto network drives. If you are really interested, it's pretty easy to
> > try yourself; just run the app under wine with
> > WINEDEBUG=+cdrom,+disk and look in the log for calls like
> > CreateFile("\\\\.\\PhysicalDrive0", ...).
> > There's some chance the code always checks drive 0 instead
> > of the drive you're installing onto.
>
> There are people who, for privacy reasons, really don't like that "unique"
> unchangeable serial numbers can be retrieved by untrusted users.
>
> You should probably chmod the file on the users system, if he is fine with
> that, but not change the kernel default.
Seconded.
While on it, how's about exporting model/firmware/serial through
sysfs so /proc/ide/hd*/identify don't have to be used?
[PATCH] ide: add /sys/bus/ide/devices/*/{model,firmware,serial} sysfs entries
Cc: Dan Kegel <dank@...el.com>
Cc: Kay Sievers <kay.sievers@...y.org>
Cc: Xavier Bestel <xavier.bestel@...e.fr>
Cc: Andrey Borzenkov <arvidjaar@...l.ru>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@...il.com>
---
drivers/ide/ide.c | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
Index: b/drivers/ide/ide.c
===================================================================
--- a/drivers/ide/ide.c
+++ b/drivers/ide/ide.c
@@ -1670,10 +1670,34 @@ static ssize_t modalias_show(struct devi
return sprintf(buf, "ide:m-%s\n", media_string(drive));
}
+static ssize_t model_show(struct device *dev, struct device_attribute *attr,
+ char *buf)
+{
+ ide_drive_t *drive = to_ide_device(dev);
+ return sprintf(buf, "%s\n", drive->id->model);
+}
+
+static ssize_t firmware_show(struct device *dev, struct device_attribute *attr,
+ char *buf)
+{
+ ide_drive_t *drive = to_ide_device(dev);
+ return sprintf(buf, "%s\n", drive->id->fw_rev);
+}
+
+static ssize_t serial_show(struct device *dev, struct device_attribute *attr,
+ char *buf)
+{
+ ide_drive_t *drive = to_ide_device(dev);
+ return sprintf(buf, "%s\n", drive->id->serial_no);
+}
+
static struct device_attribute ide_dev_attrs[] = {
__ATTR_RO(media),
__ATTR_RO(drivename),
__ATTR_RO(modalias),
+ __ATTR_RO(model),
+ __ATTR_RO(firmware),
+ __ATTR(serial, 0400, serial_show, NULL),
__ATTR_NULL
};
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists