Re: permissions of /proc/tty/driver
On Fri, Jan 14, 2005 at 06:45:25PM +0100, Thomas Viehmann wrote:
> Hi.
>
> This may not be stritly on topic, but I couln't figure out a better
> place to ask:
>
> During the packaging of an application, I have the following problem:
> I would like to run a daemon as non-root. The daemon likes to
> (continually) check /proc/tty/driver/usbserial to see whether or not
> interesting USB devices are connected. The permissions of this actual
> file is (on a kernel compiled from Debian's kernel-source-2.6.10) 0444,
> so this isn't a problem. However, the parent directory /proc/tty/driver
> is 0500. I'm not sure whether this is related to Debian DSAs 358 or 423
> (where /proc/tty/driver/serial is mentioned as leaking sensitive
> information), to me the contents of usbserial look innocent enough.
> Do you have any hints on what might be a good solution?
Hi Thomas,
Unfortunately the permisions problem that you describe above is
indeed a direct result of the security problem you refer to
(CAN-2003-0461). It seems that the 0500 permission is pretty standard
for /proc/tty/driver/ these days, likely to head off any potintial
repeats of problems such as this.
Unfortunately this doesn't help your problem very much. My one
suggestion would be to break off the bit of code that needs to access
/proc/tty/driver/usbserial and run that code as root.
--
Horms
Reply to: