FS#3668 - /dev/input/event* is accessible only to root
Attached to Project: Arch Linux
Opened by name withheld (Gullible Jones) - Tuesday, 27 December 2005, 04:36 GMT
Last edited by Jan de Groot (JGC) - Sunday, 01 January 2006, 11:05 GMT
Details
As far as I know, there is no security gained by making
/dev/input/event* only accessible to root, as is the case
with the Testing version of udev. On the other hand, those
devices being inaccessible can cause Xorg to lock up if
you're trying to use evdev, which is very annoying. It seems
to me that it would be a good idea to make them readable by
users by default in order to prevent some nuisances.
Closed by Tobias Powalowski (tpowa)
Tuesday, 31 January 2006, 14:37 GMT
Reason for closing: Not a bug
Comment by Jan de Groot (JGC) -
Tuesday, 27 December 2005, 09:35 GMT
Since xorg is a setuid binary, this shouldn't matter that much.
But since /dev/input/mice is 644 also, I think we should have the
evdev devices the same way.
Comment by name withheld (Gullible Jones) -
Tuesday, 27 December 2005, 18:01 GMT
Wait a minute, if /dev/input/event* is readable by root only, and
xorg is setuid so it can read it, doesn't that mean that xorg is
setuid to root? Wouldn't that constitute a big fat security hole?
Comment by Jan de Groot (JGC) -
Tuesday, 27 December 2005, 18:12 GMT
X has always been setuid root. It starts as root and launches
everything else as the user that started it. How would you like to do
direct access to things like MTRR, AGP as a normal user?
Comment by name withheld (Gullible Jones) -
Tuesday, 27 December 2005, 23:54 GMT
And that doesn't open up massive security holes?