* Re: permissions of /proc/tty/driver
From: Christoph Hellwig @ 2005-01-16 12:04 UTC (permalink / raw)
To: Thomas Viehmann; +Cc: linux-kernel
On Fri, Jan 14, 2005 at 06:45:25PM +0100, Thomas Viehmann wrote:
> Hi.
>
> This may not be strictly on topic, but I couldn't figure out a better
> place to ask:
>
> During the packaging of an application, I have the following problem:
> I would like to run a daemon as non-root. The daemon likes to
> (continually) check /proc/tty/driver/usbserial to see whether or not
> interesting USB devices are connected. The permissions of this actual
> file are (on a kernel compiled from Debian's kernel-source-2.6.10) 0444,
> so this isn't a problem. However, the parent directory /proc/tty/driver
> is 0500. I'm not sure whether this is related to Debian DSAs 358 or 423
> (where /proc/tty/driver/serial is mentioned as leaking sensitive
> information), to me the contents of usbserial look innocent enough.
> Do you have any hints on what might be a good solution?
The permissions on the directory look indeed too strict to me. It might
be better to just use strict permissions on /proc/tty/driver/serial
indeed.
Counter-question: What information is available in
/proc/tty/driver/usbserial but not in sysfs?
* Re: permissions of /proc/tty/driver
From: Thomas Viehmann @ 2005-01-16 13:13 UTC (permalink / raw)
To: Christoph Hellwig; +Cc: linux-kernel
Hi.
Christoph Hellwig wrote:
> Counter-question: What information is available in
> /proc/tty/driver/usbserial but not in sysfs?
Thanks for this hint, is there a way of finding vendor and product ids
of all ttyUSB devices better than
looking for /sys/bus/usb/devices/*-*/*-*:*/ttyUSB* and then checking the
obvious files in the grandparent directory?
Kind regards
Thomas
--
Thomas Viehmann, <http://thomas.viehmann.net/>
* Re: permissions of /proc/tty/driver
From: Sergey Vlasov @ 2005-01-16 19:13 UTC (permalink / raw)
To: linux-kernel
On Sun, 16 Jan 2005 14:13:46 +0100, Thomas Viehmann wrote:
> Christoph Hellwig wrote:
>> Counter-question: What information is available in
>> /proc/tty/driver/usbserial but not in sysfs?
>
> Thanks for this hint, is there a way of finding vendor and product ids
> of all ttyUSB devices better than
> looking for /sys/bus/usb/devices/*-*/*-*:*/ttyUSB* and then checking the
> obvious files in the grandparent directory?
/sys/bus/usb-serial/devices/* looks like what you need...
* Re: permissions of /proc/tty/driver
From: Alan Cox @ 2005-01-16 21:11 UTC (permalink / raw)
To: Christoph Hellwig; +Cc: Thomas Viehmann, Linux Kernel Mailing List
On Sul, 2005-01-16 at 12:04, Christoph Hellwig wrote:
> > (where /proc/tty/driver/serial is mentioned as leaking sensitive
> > information), to me the contents of usbserial look innocent enough.
> > Do you have any hints on what might be a good solution?
>
> The permissions on the directory look indeed too strict to me. It might
> be better to just use strict permissions on /proc/tty/driver/serial
> indeed.
The file contains transmit and receive byte counts, which means you can
both measure intercharacter delay and character count. That's a big help
to password guessers.
* Re: permissions of /proc/tty/driver
From: Christoph Hellwig @ 2005-01-16 22:26 UTC (permalink / raw)
To: Alan Cox; +Cc: Thomas Viehmann, Linux Kernel Mailing List
On Sun, Jan 16, 2005 at 09:11:03PM +0000, Alan Cox wrote:
> On Sul, 2005-01-16 at 12:04, Christoph Hellwig wrote:
> > > (where /proc/tty/driver/serial is mentioned as leaking sensitive
> > > information), to me the contents of usbserial look innocent enough.
> > > Do you have any hints on what might be a good solution?
> >
> > The permissions on the directory look indeed too strict to me. It might
> > be better to just use strict permissions on /proc/tty/driver/serial
> > indeed.
>
> The file contains transmit and receive byte counts, which means you can
> both measure intercharacter delay and character count. That's a big help
> to password guessers.
I know. But that doesn't explain why we don't keep strict permissions
only on that file but on the directory.
* Re: permissions of /proc/tty/driver
From: Arjan van de Ven @ 2005-01-17 8:14 UTC (permalink / raw)
To: Christoph Hellwig; +Cc: Alan Cox, Thomas Viehmann, Linux Kernel Mailing List
On Sun, 2005-01-16 at 23:26 +0100, Christoph Hellwig wrote:
> On Sun, Jan 16, 2005 at 09:11:03PM +0000, Alan Cox wrote:
> > On Sul, 2005-01-16 at 12:04, Christoph Hellwig wrote:
> > > > (where /proc/tty/driver/serial is mentioned as leaking sensitive
> > > > information), to me the contents of usbserial look innocent enough.
> > > > Do you have any hints on what might be a good solution?
> > >
> > > The permissions on the directory look indeed too strict to me. It might
> > > be better to just use strict permissions on /proc/tty/driver/serial
> > > indeed.
> >
> > The file contains transmit and receive byte counts, which means you can
> > both measure intercharacter delay and character count. That's a big help
> > to password guessers.
>
> I know. But that doesn't explain why we don't keep strict permissions
> only on that file but on the directory.
ls -la on the file gives you the size maybe ?
* Re: permissions of /proc/tty/driver
From: Alan Cox @ 2005-01-17 12:23 UTC (permalink / raw)
To: Arjan van de Ven
Cc: Christoph Hellwig, Thomas Viehmann, Linux Kernel Mailing List
On Llu, 2005-01-17 at 08:14, Arjan van de Ven wrote:
> On Sun, 2005-01-16 at 23:26 +0100, Christoph Hellwig wrote:
> > I know. But that doesn't explain why we don't keep strict permissions
> > only on that file but on the directory.
>
> ls -la on the file gives you the size maybe ?
I went for a dig in the archives
The original fix removed the tx/rx data from the file if you weren't
privileged. Linus did the directory hack because he didn't want to
worry about drivers that got missed out/not fixed.
So there's a janitor project there - to go through all the tty/serial
drivers and make sure they don't give out excessively useful information
to non CAP_SYS_RAWIO users, then loosen permissions.
^ permalink raw reply [flat|nested] 8+ messages in thread
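An audit check for the janitor work described in the message above, as an added example that is not part of the original thread: it lists the files in a /proc/tty/driver-style directory that hand per-port tx:/rx: byte counters to the calling user. The function names and the sample file contents are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the thread): find tty driver proc files whose
# port lines expose tx:/rx: byte counters to whoever runs this script.

# counter_files DIR -> prints the name of each readable file with counters
counter_files() {
    dir=$1
    for f in "$dir"/*; do
        # Unreadable directory or file: nothing is exposed to this user.
        [ -f "$f" ] && [ -r "$f" ] || continue
        # A port line looks like "0: uart:16550A ... tx:118 rx:27".
        if grep -Eq '(^|[[:space:]])(tx|rx):[0-9]+' "$f" 2>/dev/null; then
            basename "$f"
        fi
    done
    return 0
}

# make_sample DIR -> constructed stand-in for /proc/tty/driver
make_sample() {
    mkdir -p "$1"
    cat > "$1/serial" <<'EOF'
serinfo:1.0 driver revision:
0: uart:16550A port:000003F8 irq:4 tx:118 rx:27 RTS|DTR
1: uart:unknown port:000002F8 irq:3
EOF
    cat > "$1/usbserial" <<'EOF'
usbserinfo:1.0 driver:2.0
0: module:pl2303 name:"pl2303" vendor:067b product:2303 num_ports:1 port:1 path:usb-0000:00:1d.0-1
EOF
}

# Stand-alone run: audit the directory given as $1, else the sample.
if [ -n "${1:-}" ]; then
    counter_files "$1"
else
    tmp=$(mktemp -d); make_sample "$tmp"; counter_files "$tmp"; rm -rf "$tmp"
fi
```

Run as the unprivileged account of interest with /proc/tty/driver as the argument; empty output means no counters are readable from that account.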
* Re: permissions of /proc/tty/driver
From: Christoph Hellwig @ 2005-01-19 10:32 UTC (permalink / raw)
To: Thomas Viehmann; +Cc: linux-kernel
On Sun, Jan 16, 2005 at 02:13:46PM +0100, Thomas Viehmann wrote:
> Hi.
>
> Christoph Hellwig wrote:
> >Counter-question: What information is available in
> >/proc/tty/driver/usbserial but not in sysfs?
>
> Thanks for this hint, is there a way of finding vendor and product ids
> of all ttyUSB devices better than
> looking for /sys/bus/usb/devices/*-*/*-*:*/ttyUSB* and then checking the
> obvious files in the grandparent directory?
I think that's the obvious way. Using libsysfs will make your life much
easier when doing that, though.
^ permalink raw reply [flat|nested] 8+ messages in thread
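The sysfs lookup discussed in the thread, as an added example that is not part of the original messages: it starts from /sys/bus/usb-serial/devices/* and climbs to the USB device directory holding idVendor and idProduct, so a non-root daemon needs no access to /proc/tty/driver. The function names and the sample tree (device paths and IDs) are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the thread): map each ttyUSB port to its USB
# vendor:product ID using sysfs only.

# usbserial_ids [SYSROOT] -> one "ttyUSBn vendor:product" line per port
usbserial_ids() {
    root=${1:-/sys}
    for link in "$root"/bus/usb-serial/devices/*; do
        [ -d "$link" ] || continue
        # Resolve the bus symlink to the real device path.
        dir=$(cd "$link" 2>/dev/null && pwd -P) || continue
        port=$(basename "$dir")
        # Climb: port -> USB interface -> USB device (has the ID files).
        while [ "$dir" != "/" ]; do
            if [ -r "$dir/idVendor" ] && [ -r "$dir/idProduct" ]; then
                printf '%s %s:%s\n' "$port" \
                    "$(cat "$dir/idVendor")" "$(cat "$dir/idProduct")"
                break
            fi
            dir=$(dirname "$dir")
        done
    done
    return 0
}

# add_sample_port SYSROOT USBDEV PORT VENDOR PRODUCT -> constructed entry
add_sample_port() {
    dev="$1/devices/pci0000:00/0000:00:1d.0/usb1/$2"
    mkdir -p "$dev/$2:1.0/$3" "$1/bus/usb-serial/devices"
    echo "$4" > "$dev/idVendor"
    echo "$5" > "$dev/idProduct"
    ln -s "../../../devices/pci0000:00/0000:00:1d.0/usb1/$2/$2:1.0/$3" \
        "$1/bus/usb-serial/devices/$3"
}

# make_sample_sysfs DIR -> constructed stand-in for /sys with two ports
make_sample_sysfs() {
    add_sample_port "$1" 1-1 ttyUSB0 067b 2303
    add_sample_port "$1" 1-2 ttyUSB1 0403 6001
}

# Stand-alone run: query the tree given as $1, else the live /sys.
usbserial_ids "${1:-/sys}"
```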