Message-ID: <20090918060210.GC7104@kroah.com>
Date: Thu, 17 Sep 2009 23:02:10 -0700
From: Greg KH <greg@...ah.com>
To: Kay Sievers <kay.sievers@...y.org>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
Ingo Molnar <mingo@...e.hu>,
"Eric W. Biederman" <ebiederm@...ssion.com>,
linux-kernel@...r.kernel.org
Subject: Re: [bug] /etc/profile: line 30: /dev/null: Permission denied
(Was: Re: [PATCH] Remove broken by design and by implementation
devtmpfs maintenance disaster)

On Fri, Sep 18, 2009 at 03:50:36AM +0200, Kay Sievers wrote:
> On Thu, 2009-09-17 at 17:18 -0700, Linus Torvalds wrote:
> >
> > On Fri, 18 Sep 2009, Kay Sievers wrote:
> > >
> > > > So I suspect /dev/null and /dev/zero should be special - just make them
> > > > have 0666 permissions. Because they really _are_ special, and no other
> > > > permissions ever make sense for them.
> > >
> > > That's true. I guess there are a few more devices that need special
> > > permissions.
> >
> > /dev/tty is probably the only remaining one - I don't think there should
> > be any other devices that are so special that normal programs expect them
> > to be there, and expect to be able to open them.
> >
> > /dev/null (and to a lesser degree /dev/zero) really are special, and they
> > are special not so much because they are special devices, but because they
> > are part of the unix environment in rather deep ways. For example, mmap()
> > on /dev/zero is deeply special, and really is about shm rather than any
> > devices, so it's a VM thing with an odd special case.
> >
> > And /dev/tty is special in that you'd expect to be able to open it even
> > if you can't open the device that it points to - you may have inherited a
> > tty from a program that _used_ to have permission to the underlying
> > /dev/ttyxyz thing, but even if you no longer can open that device,
> > /dev/tty still works.
> >
> > The rest of /dev really should be rather esoteric, or it should be about
> > real devices. So I do think that with just null, zero and tty having 0666
> > permissions, a "normal UNIX" program is supposed to work. That should be
> > the minimal set, but also the maximal set of devices that people should
> > _expect_ to work.
>
> Here is a quick hack to allow subsystems to provide a mode for their
> devices. It uses the callback that can provide custom non-default device
> names. Ingo, maybe you can give it a try?
>
> To see how it works, it currently includes access to: null, zero, full,
> random, urandom, tty, ptmx. Also the USB /dev nodes have the same
> permissions as the USB /proc nodes always had. That's basically what
> udev does today for non-root users.

Ick, I don't think we should do something like this, it starts putting
the mode policy back into the kernel. What's next, owner and group? :)

I think the udev version in older Fedora releases can't handle this
kernel option, which is fine, just don't enable it. Newer versions can
handle it, right?

thanks,

greg k-h
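
Added example, not part of the original message or of any patch in this thread: a small Linux audit that checks whether the minimal set named in the quoted text (null, zero, tty) exists as character devices with mode 0666, whichever side (kernel or udev) ends up setting the mode. The function name check_node, the status enum and the major:minor numbers (the standard Linux assignments, which the thread does not spell out) are assumptions of this example.

```c
#define _DEFAULT_SOURCE      /* lstat(), S_ISCHR() under strict -std= modes */
#include <stdio.h>
#include <sys/stat.h>
#include <sys/sysmacros.h>   /* major(), minor() on glibc/musl */
#include <sys/types.h>

enum node_status { NODE_OK, NODE_MISSING, NODE_NOT_CHARDEV,
                   NODE_WRONG_DEVNUM, NODE_WRONG_MODE };

static const char *const status_text[] = {
    "ok", "missing", "not a character device",
    "unexpected major:minor", "unexpected mode" };

/* Hypothetical helper. Uses lstat() so that a symlink or a regular file
 * sitting at the path is reported instead of being followed. */
enum node_status check_node(const char *path, unsigned maj, unsigned min,
                            mode_t want)
{
    struct stat st;

    if (lstat(path, &st) != 0)
        return NODE_MISSING;
    if (!S_ISCHR(st.st_mode))
        return NODE_NOT_CHARDEV;
    if (major(st.st_rdev) != maj || minor(st.st_rdev) != min)
        return NODE_WRONG_DEVNUM;
    if ((st.st_mode & 07777) != want)   /* rwx bits plus setuid/setgid/sticky */
        return NODE_WRONG_MODE;
    return NODE_OK;
}

int main(void)
{
    /* Assumed device numbers: standard Linux assignments. 0666 is the mode
     * the thread proposes for this minimal set. */
    static const struct { const char *path; unsigned maj, min; } set[] = {
        { "/dev/null", 1, 3 }, { "/dev/zero", 1, 5 }, { "/dev/tty", 5, 0 } };
    int bad = 0;

    for (size_t i = 0; i < sizeof set / sizeof set[0]; i++) {
        enum node_status s = check_node(set[i].path, set[i].maj,
                                        set[i].min, 0666);
        printf("%-10s %s\n", set[i].path, status_text[s]);
        bad |= (s != NODE_OK);
    }
    return bad;   /* non-zero exit if any node deviates */
}
```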