lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20090918060210.GC7104@kroah.com>
Date:	Thu, 17 Sep 2009 23:02:10 -0700
From:	Greg KH <greg@...ah.com>
To:	Kay Sievers <kay.sievers@...y.org>
Cc:	Linus Torvalds <torvalds@...ux-foundation.org>,
	Ingo Molnar <mingo@...e.hu>,
	"Eric W. Biederman" <ebiederm@...ssion.com>,
	linux-kernel@...r.kernel.org
Subject: Re: [bug] /etc/profile: line 30: /dev/null: Permission denied
	(Was: Re: [PATCH] Remove broken by design and by implementation
	devtmpfs maintenance disaster)

On Fri, Sep 18, 2009 at 03:50:36AM +0200, Kay Sievers wrote:
> On Thu, 2009-09-17 at 17:18 -0700, Linus Torvalds wrote:
> > 
> > On Fri, 18 Sep 2009, Kay Sievers wrote:
> > > 
> > > > So I suspect /dev/null and /dev/zero should be special - just make them
> > > > have 0666 permissions. Because they really _are_ special, and no other
> > > > permissions ever make sense for them.
> > > 
> > > That's true. I guess there are a few more devices that need special
> > > permissions.
> > 
> > /dev/tty is probably the only remaining one - I don't think there should 
> > be any other devices that are so special that normal programs expect them 
> > to be there, and expect to be able to open them.
> > 
> > /dev/null (and to a lesser degree /dev/zero) really are special, and they 
> > are special not so much because they are special devices, but because they 
> > are part of the unix environment in rather deep ways. For example, mmap() 
> > on /dev/zero is deeply special, and really is about shm rather than any 
> > devices, so it's a VM thing with an odd special case.
> > 
> > And /dev/tty is special in that you'd expected to be able to open it even 
> > if you can't open the device that it points to - you may have inherited a 
> > tty from a program that _used_ to have permission to the underlying 
> > /dev/ttyxyz thing, but even if you no longer can open that device, 
> > /dev/tty still works.
> > 
> > The rest of /dev really should be rather esoteric, or it should be about 
> > real devices. So I do think that with just null, zero and tty having 0666 
> > permissions, a "normal UNIX" program is supposed to work. That should be 
> > the minimal set, but also the maximal set of devices that people should 
> > _expect_ to work.
> 
> Here is a quick hack to allow subsystems to provide a mode for their
> devices. It uses the callback that can provide custom non-default device
> names. Ingo, maybe you can give it a try?
> 
> To see how it works, it currently includes access to: null, zero, full,
> random, urandom, tty, ptmx. Also the USB /dev nodes have the same
> permissions as the USB /proc nodes always had. That's basically what
> udev does today for non-root users.

Ick, I don't think we should do something like this, it starts putting
the mode policy back into the kernel.  What's next, owner and group?  :)

I think the udev version in older Fedora releases can't handle this
kernel option, which is fine, just don't enable it.  Newer versions can
handle it, right?

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ