lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.LFD.2.01.0909171322210.4950@localhost.localdomain>
Date:	Thu, 17 Sep 2009 13:26:01 -0700 (PDT)
From:	Linus Torvalds <torvalds@...ux-foundation.org>
To:	Kay Sievers <kay.sievers@...y.org>
cc:	Ingo Molnar <mingo@...e.hu>,
	"Eric W. Biederman" <ebiederm@...ssion.com>,
	Greg KH <greg@...ah.com>, linux-kernel@...r.kernel.org
Subject: Re: [bug] /etc/profile: line 30: /dev/null: Permission denied (Was:
  Re: [PATCH] Remove broken by design and by implementation devtmpfs 
 maintenance disaster)



On Thu, 17 Sep 2009, Kay Sievers wrote:

> On Thu, Sep 17, 2009 at 20:53, Ingo Molnar <mingo@...e.hu> wrote:
> > I've reproduced a bug with the following .config options:
> >
> >  CONFIG_DEVTMPFS=y
> >  CONFIG_DEVTMPFS_MOUNT=y
> >
> > /dev/null and /dev/zero are not read/writable to ordinary users,
> > breaking normal bootup and login:
> 
> Udev should run long before some ordinary/non-root user can login, and
> apply the permissions as it always does. It's known to work on Fedora,
> SUSE, Ubuntu. What kind of system/environment/setup is that where you
> see this?

I don't know if this is what Ingo does, but I have a few machines where I 
don't run the distro-supplied 'initrd' at all, because it's easier to boot 
without it. The Fedora initrd doesn't allow me to sanely set root 
filesystem parameters without totally rewriting the initrd image, which 
I'm not interested in, for example (they'll take effect for the root 
initrd, not the final root).

That may be "not supported", but the point is, we want to make the kernel 
be as self-sufficient as possible, and the whole _point_ of this devtmpfs 
seemed to be to increase self-sufficiency rather than decrease it by 
requiring 'udev' to have run very very early.

If you have udev running really early, then what's the point of devtmpfs? 
You might as well just have udev and tmpfs.

So I suspect /dev/null and /dev/zero should be special - just make them 
have 0666 permissions. Because they really _are_ special, and no other 
permissions ever make sense for them.

		Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ