On 11/02/17 10:29, Bastien Roucaries wrote:
Le 10 février 2017 16:13:15 GMT+01:00, Alec Leamas <leamas.alec@gmail.com> a écrit :Dear list,
[cut]
Proposed /dev/ permissions after installing lirc: - The /dev/lirc? devices are set user:group lirc:lirc and mode 660 (udev rule). - The lirc user is added to the input group, to access /dev/input devices. - The lirc user is added to the dialout group to access /dev/ttyS devices. - The /var/lock dir is root:root 755 in my stretch box but this is seemingly #813703; assuming this will be fixed to 1777. - lirc user gets read access to all USB character devices using a udev rule invoking facl(1). I know that getting permission is harder than to be forgiven, but perhaps it makes sense to have a discussion first? The possibly controversial issue is the USB devices. However, without this rule a large part of lirc users will be forced to painful udev rules configurationCan we list USB device needed (whitelist) ?
I don't think so. The number of devices used by lircd is large, and the USB ids are not always well-defined...
It might be possible to whitelist "most" devices, leaving it up to users of "uncommon" devices to fix it on their own. More work for both package maintainers and users, although more safe...
Personally I don't think read access to character devices should be that sensitive. The most obvious concern are hardware login dongles. Of those, most seems to be mass storage devices; these are *not* covered by the udev rule. Neither is yubikey devices.
Also, whatever risks there are we are already taking them when running lircd as root.
--alec