lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20090917234144.2f8eb1f2@lxorguk.ukuu.org.uk>
Date:	Thu, 17 Sep 2009 23:41:44 +0100
From:	Alan Cox <alan@...rguk.ukuu.org.uk>
To:	Kay Sievers <kay.sievers@...y.org>
Cc:	Linus Torvalds <torvalds@...ux-foundation.org>,
	Ingo Molnar <mingo@...e.hu>,
	"Eric W. Biederman" <ebiederm@...ssion.com>,
	Greg KH <greg@...ah.com>, linux-kernel@...r.kernel.org
Subject: Re: [bug] /etc/profile: line 30: /dev/null: Permission denied (Was:
  Re: [PATCH] Remove broken by design and by implementation devtmpfs 
 maintenance disaster)

> That's true. I guess there are a few more devices that need special
> permissions. We could make that happen, so people could probably run a

I think this is misleading somewhat as were Ingo's init stuff to all run
as root then the permissions were fine. In other words it does what it
says on the tin (the real debate is whether it does it right)

You should only need /dev/null and /dev/zero to get sanity. The console
is opened by init and inherited. You might want to also fix the
permissions by default on /dev/tty as some scripts tend to get grumpy
without it. /dev/tty is a magic hook to the process group controlling tty
so has no real permissions impact being 0666.

The rest should essentially work out of the box - mount is done as root
to mount the real fs stuff so root only is ok, the console is inherited
so /dev/tty or just fd 0/1/2. Once you get to mingetty it will run as
root and permission manage the devices.

Alan
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ