Re: O_NOACCESS?

From: andi payn (andi_payn_at_speedymail.org)
Date: 10/31/03

    To: "M. Warner Losh" <imp@bsdimp.com>
    Date: Fri, 31 Oct 2003 13:20:33 -0800
    
    

    On Fri, 2003-10-31 at 12:02, M. Warner Losh wrote:
    > In message: <1067628015.825.64.camel@verdammt.falcotronic.net>
    > andi payn <andi_payn@speedymail.org> writes:
    > : On Fri, 2003-10-31 at 08:27, David Malone wrote:
    > : > On Thu, Oct 30, 2003 at 07:46:38AM -0800, andi payn wrote:
    > : > > In FreeBSD, this doesn't work; you just get EINVAL.
    > : >
    > : > I believe this is because of a security problem discovered a few
    > : > years ago, where you could open a file like /dev/io for neither
    > : > read nor write but still get the special privileges associated with
    > : > having the file open.
    > : >
    > : > If you were to allow people to open files without read or write
    > : > permission you'd need to fix problems like this in a different way.
    > :
    > : It seems to me that the right way to fix this is to ensure that only the
    > : superuser can open the /dev/io device, no matter what permissions are on it.
    >
    > This might not be a bad idea, but it would force at least one company
    > (mine) to rewrite at least some of their software to run as root. We
    > currently don't run some things as root because we don't trust them.
    > But then you are getting into special case kludges. Better to require
    > that it is opened read or write permissions.

    Well, the io(4) manpage says:
    > In addition to any file access permissions on /dev/io, the kernel
    > enforces that only the super-user may open this device.

    If this is not true--and especially if it's not true by design--then the
    manpage ought to be changed.

    If O_NOACCESS were added, and /dev/io were not changed to match the
    manpage, then it could instead be changed so that read-only access
    grants full I/O privileges, but no access does not?

    > : Are there any other special devices like this in FreeBSD?
    >
    > Rewind units on tape drives? If there's no access check done, and I
    > open the rewind unit as joe-smoe? The close code is what does the
    > rewind, and you don't have enough knowledge to know if the tape was
    > opened r/w there.

    Thanks; that's a good example. Do you have an example of a specific
    driver so I can look at the code and see what would need to be done?


