make_dev(9) perms for SCSI & SCSI RAID drivers in CURRENT.
Andre Guibert de Bruet
andy at siliconlandmark.com
Tue Feb 10 02:10:26 PST 2004

(Yes, I'm replying to myself... heh)

On Sun, 8 Feb 2004, Andre Guibert de Bruet wrote:
> On Mon, 9 Feb 2004, Bruce Evans wrote:
>
> > On Sun, 8 Feb 2004, Andre Guibert de Bruet wrote:
> >
> > > While studying the various FreeBSD SCSI and SCSI RAID drivers, I noticed
> > > that the file mode (perm mask) varies per driver. So far, I've come across
> > > 0600, 0640 and 0644. I can't really see why any of these drivers would
> > > have anything other than 0600, as it would require root access or at least
> > > write perm to do anything useful with the card.
> >
> > All disk (data) devices should have mode 0640 and ownership root:operator
> > and all disk (control) devices should have mode 0600 and ownership root:wheel.
> > Distributed setting of ownerships and permissions gives many more bugs than
> > centralized setting in MAKEDEV. Mode bugs in devfs start at its top level
> > (its directory has mode 555 although its owner can write to it except
> > possibly in the jailed case).
> >
> > > Here's a quick illustration of what I'm referring to:
> > >
> > > aac 0640 (octal notation in code)
> > > amr 0600 (implemented as S_IRUSR | S_IWUSR)
> > > asr 0640 (octal notation in code)
> > > ciss 0600 (implemented as S_IRUSR | S_IWUSR)
> > > ida 0600 (implemented as S_IRUSR | S_IWUSR)
> > > iir 0644 (implemented as S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH)
> > > ips 0600 (implemented as S_IRUSR | S_IWUSR)
> > > isp 0600 (octal notation in code)
> > > mly 0600 (implemented as S_IRUSR | S_IWUSR)
> >
> > Most of these actually create control devices, so mode 0600 is correct
> > and group operator is bogus, and mode 0640 is a potential security hole
> > especially with group operator. Group operator is almost always used
> > of course. The data devices are mostly created by the disk mini-layer
> > in RELENG_4 (except RELENG_4 doesn't really have devfs) and by GEOM in
> > -current.
>
> I adjusted and expanded the set of patches that I had to change
> permissions on the control devices so that they also set the GID to wheel.
> The assumption that I am making with these patches is that the drivers
> that are calling make_dev() are creating control devices, as they should
> be letting GEOM create their data devices. Feedback is welcome here as my
> GEOM-fu isn't all that hot...
>
> I have tried to maintain the style used in the drivers themselves and
> fixed the long line in the patch for isp_freebsd.c.

I've gotten a number of interesting questions and so far no objections. Is
there any chance of getting the patches committed?

Regards,
Andy

> Andre Guibert de Bruet | Enterprise Software Consultant >
> Silicon Landmark, LLC. | http://siliconlandmark.com/ >
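
Added example, not part of the original thread or of the posted patches: a userland C check of a control node's mode and ownership against the policy stated in the quoted reply above (mode 0600, root:wheel), using the same S_I* flags the drivers use. The numeric ids (root 0, wheel 0, operator 5), the function names and the ownership in the sample table are assumptions made for this example.

```c
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>

/* Assumed numeric ids, as conventionally used on FreeBSD. */
#define EX_UID_ROOT     0
#define EX_GID_WHEEL    0
#define EX_GID_OPERATOR 5

/* Finding bits returned by audit_ctl_node() (names are hypothetical). */
#define F_GROUP_ACCESS 0x1 /* some group permission bit is set */
#define F_OTHER_ACCESS 0x2 /* some world permission bit is set */
#define F_BAD_OWNER    0x4 /* owner is not root */
#define F_BAD_GROUP    0x8 /* group is not wheel */

/* Compare a control node against the thread's policy: 0600 root:wheel. */
int audit_ctl_node(mode_t mode, uid_t uid, gid_t gid)
{
    int findings = 0;
    if (mode & S_IRWXG) findings |= F_GROUP_ACCESS;
    if (mode & S_IRWXO) findings |= F_OTHER_ACCESS;
    if (uid != EX_UID_ROOT) findings |= F_BAD_OWNER;
    if (gid != EX_GID_WHEEL) findings |= F_BAD_GROUP;
    return findings;
}

/* Same check for a node on disk; -1 if it is missing or not a char device. */
int audit_ctl_path(const char *path)
{
    struct stat sb;
    if (stat(path, &sb) != 0 || !S_ISCHR(sb.st_mode))
        return -1;
    return audit_ctl_node(sb.st_mode & 07777, sb.st_uid, sb.st_gid);
}

int main(void)
{
    /* Constructed sample: modes from the list in the thread, ownership assumed. */
    struct { const char *drv; mode_t mode; gid_t gid; } s[] = {
        {"aac", 0640, EX_GID_OPERATOR},
        {"amr", S_IRUSR | S_IWUSR, EX_GID_OPERATOR},
        {"iir", S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH, EX_GID_OPERATOR},
        {"isp", 0600, EX_GID_WHEEL},
    };
    for (size_t i = 0; i < sizeof s / sizeof s[0]; i++)
        printf("%-4s %04o findings=0x%x\n", s[i].drv, (unsigned)s[i].mode,
               (unsigned)audit_ctl_node(s[i].mode, EX_UID_ROOT, s[i].gid));
    return 0;
}
```

A zero result means the node matches the policy; any set bit names the deviation, so a 0600 node still owned by group operator is reported separately from one that grants group read.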