Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#7876 - Incorrect permissions set on Nvidia device files (security issue)
Attached to Project:
Arch Linux
Opened by Philip (phildg) - Wednesday, 22 August 2007, 18:19 GMT
Last edited by Roman Kyrylych (Romashka) - Tuesday, 28 August 2007, 08:45 GMT
Opened by Philip (phildg) - Wednesday, 22 August 2007, 18:19 GMT
Last edited by Roman Kyrylych (Romashka) - Tuesday, 28 August 2007, 08:45 GMT
|
DetailsDescription:
In reference to the security bulletin against gentoo's nvidia package: http://secunia.com/advisories/26497/. archlinux seems to suffer the same problem. The permissions for nvidia device files are set incorrectly. Permissions for the device files are currently: crw-rw-rw- 1 root root 195, 0 2007-08-19 16:50 /dev/nvidia0 crw-rw-rw- 1 root root 195, 255 2007-08-19 16:50 /dev/nvidiactl A more sane configuration is: crw-rw---- 1 root video 195, 0 2007-08-19 16:50 /dev/nvidia0 crw-rw---- 1 root video 195, 255 2007-08-19 16:50 /dev/nvidiactl Additional info: I posted a workaround on the forums here: http://bbs.archlinux.org/viewtopic.php?pid=275205#p275205 Affects both nvidia-100.14.11-4 and nvidia-96xx-1.0.9639-5. I haven't tried the nvidia-71xx package, nor the packages for the -mm, -ck and -suspend2 kernel packages |
This task depends upon
Closed by Roman Kyrylych (Romashka)
Tuesday, 28 August 2007, 08:45 GMT
Reason for closing: Won't implement
Tuesday, 28 August 2007, 08:45 GMT
Reason for closing: Won't implement
Comment by Tobias Powalowski (tpowa) -
Wednesday, 22 August 2007, 18:31 GMT
as stated in an ealry bug report you can set those files on your own, we provide it as nvidia provides it, there are 3 ways of changing that. documented in nvidia installation file
Comment by Philip (phildg) -
Wednesday, 22 August 2007, 19:02 GMT
oh, ok. I did try searching but I didn't catch the closed reports first time round. Schoolboy error, sorry!
Comment by Roman Kyrylych (Romashka) -
Tuesday, 28 August 2007, 08:44 GMT
http://bugs.archlinux.org/task/5682#comment12474