rfc: /dev/softsynth permissions

Joseph C. Lininger jbahm at pcdesk.net
Wed Jun 2 21:14:52 EDT 2010


There are a number of security issues with 666 perms on /dev/softsynth.
The two that immediately come to mind are:

1. Any user on the system (local or remotely logged in) would be able to
view the contents of /dev/softsynth. This means there would be no
privacy at all for people using the console.

2. Any user on the system could write arbitrary data to /dev/softsynth.
This could allow anything from simple annoyances to entire system
compromises depending on exactly what users choose to do with that
capability.

If a device in /dev is world writable, it's generally because that
device can't be used to pose a security threat, or because the Linux
kernel itself handles that device specially. It is important to note
that even when the kernel handles the device specially there are still
documented cases where problems have occurred. See /dev/mem and /dev/kmem
for examples. It is also worth noting that the overall trend has been
to move away from world writable devices.
-- 
They say god has always been. Linux and I will now disprove that:
$ ar m God
ar: creating God
There you have it. God was created by the ar program. Good news is, God
really does exist!
Joseph C. Lininger, <jbahm at pcdesk.net>
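
An added example, not part of the original post: a Python audit that flags device nodes whose "other" permission bits allow reading or writing, the situation a 666 /dev/softsynth would create. The allowlist of nodes expected to be world-accessible is an assumption and should be tuned per system.

```python
import os
import stat

# Assumption: nodes commonly world-accessible by design on Linux; tune per system.
EXPECTED_OPEN = {"null", "zero", "full", "random", "urandom", "tty", "ptmx"}

def world_access(mode):
    """Return 'r', 'w', 'rw' or '' for the 'other' permission bits of mode."""
    return ("r" if mode & stat.S_IROTH else "") + ("w" if mode & stat.S_IWOTH else "")

def assess(name, mode):
    """Return a finding dict for a world-accessible device node, else None."""
    if not (stat.S_ISCHR(mode) or stat.S_ISBLK(mode)):
        return None  # only character and block device nodes are in scope
    access = world_access(mode)
    if not access or name in EXPECTED_OPEN:
        return None
    risks = []
    if "r" in access:
        risks.append("any user can read what passes through the device")
    if "w" in access:
        risks.append("any user can write arbitrary data to the device")
    return {"name": name, "perms": format(stat.S_IMODE(mode), "03o"), "risks": risks}

def audit(devdir="/dev"):
    """Assess every entry directly under devdir (subdirectories are not descended)."""
    findings = []
    for entry in os.scandir(devdir):
        try:
            mode = entry.stat(follow_symlinks=False).st_mode
        except OSError:
            continue  # entry vanished or is unreadable; skip it
        finding = assess(entry.name, mode)
        if finding:
            findings.append(finding)
    return sorted(findings, key=lambda f: f["name"])

if __name__ == "__main__":
    for f in audit():
        print(f"/dev/{f['name']} mode {f['perms']}: " + "; ".join(f["risks"]))
```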