Bug#404927: marked as done (udev believes hardware raid devices are removable and sets the permissions to group floppy)
Your message dated Mon, 15 Feb 2010 02:26:19 +0100
with message-id <20100215012619.GA20863@galadriel.inutil.org>
and subject line Re: udev believes hardware raid devices are removable and sets the permissions to group floppy
has caused the Debian Bug report #404927,
regarding udev believes hardware raid devices are removable and sets the permissions to group floppy
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
404927: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=404927
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: udev believes hardware raid devices are removable and sets the permissions to group floppy
- From: Stefanos Harhalakis <v13@priest.com>
- Date: Fri, 29 Dec 2006 11:51:41 +0200
- Message-id: <200612290952.kBT9qg6h009021@alpha.it.teithe.gr>
Package: udev
Version: 0.103-1
Severity: critical
Tags: security
Justification: root security hole
Hi there,
Just noticed that udev sets the group of the hard disks to 'floppy'
making them r/w to this group (actually, tiger noticed it):
brw-rw---- 1 root floppy 8, 0 Dec 29 11:25 /dev/sda
brw-rw---- 1 root floppy 8, 1 Dec 29 11:25 /dev/sda1
brw-rw---- 1 root floppy 8, 2 Dec 29 11:25 /dev/sda2
brw-rw---- 1 root floppy 8, 5 Dec 29 11:25 /dev/sda5
brw-rw---- 1 root floppy 8, 6 Dec 29 11:25 /dev/sda6
brw-rw---- 1 root floppy 8, 16 Dec 29 11:25 /dev/sdb
brw-rw---- 1 root floppy 8, 17 Dec 29 11:25 /dev/sdb1
brw-rw---- 1 root floppy 8, 32 Dec 29 11:25 /dev/sdc
brw-rw---- 1 root floppy 8, 33 Dec 29 11:25 /dev/sdc1
brw-rw---- 1 root floppy 8, 48 Dec 29 11:25 /dev/sdd
brw-rw---- 1 root floppy 8, 49 Dec 29 11:25 /dev/sdd1
brw-rw---- 1 root floppy 8, 50 Dec 29 11:25 /dev/sdd2
The machine has a hardware raid controller:
0000:02:01.0 RAID bus controller: Adaptec AAC-RAID (rev 01)
udevinfo gives this:
looking at device '/block/sda':
KERNEL=="sda"
SUBSYSTEM=="block"
DRIVER==""
ATTR{stat}==" 3560 800 197252 27816 2406 4639 56368 392728 0 31056 420544"
ATTR{size}=="20971776"
ATTR{removable}=="1"
ATTR{range}=="16"
ATTR{dev}=="8:0"
looking at parent device '/devices/pci0000:00/0000:00:1c.0/0000:02:01.0/host0/target0:0:0/0:0:0:0':
KERNELS=="0:0:0:0"
SUBSYSTEMS=="scsi"
DRIVERS=="sd"
ATTRS{ioerr_cnt}=="0x0"
ATTRS{iodone_cnt}=="0x1771"
ATTRS{iorequest_cnt}=="0x1771"
ATTRS{iocounterbits}=="32"
ATTRS{timeout}=="30"
ATTRS{state}=="running"
ATTRS{rev}=="V1.0"
ATTRS{model}=="linux "
ATTRS{vendor}=="Adaptec "
ATTRS{scsi_level}=="3"
ATTRS{type}=="0"
ATTRS{queue_type}=="ordered"
ATTRS{queue_depth}=="256"
ATTRS{device_blocked}=="0"
looking at parent device '/devices/pci0000:00/0000:00:1c.0/0000:02:01.0/host0/target0:0:0':
KERNELS=="target0:0:0"
SUBSYSTEMS==""
DRIVERS==""
looking at parent device '/devices/pci0000:00/0000:00:1c.0/0000:02:01.0/host0':
KERNELS=="host0"
SUBSYSTEMS==""
DRIVERS==""
looking at parent device '/devices/pci0000:00/0000:00:1c.0/0000:02:01.0':
KERNELS=="0000:02:01.0"
SUBSYSTEMS=="pci"
DRIVERS=="aacraid"
ATTRS{broken_parity_status}=="0"
ATTRS{enable}=="1"
ATTRS{modalias}=="pci:v00009005d00000285sv00009005sd00000290bc01sc04i00"
ATTRS{local_cpus}=="ff"
ATTRS{irq}=="169"
ATTRS{class}=="0x010400"
ATTRS{subsystem_device}=="0x0290"
ATTRS{subsystem_vendor}=="0x9005"
ATTRS{device}=="0x0285"
ATTRS{vendor}=="0x9005"
looking at parent device '/devices/pci0000:00/0000:00:1c.0':
KERNELS=="0000:00:1c.0"
SUBSYSTEMS=="pci"
DRIVERS==""
ATTRS{broken_parity_status}=="0"
ATTRS{enable}=="1"
ATTRS{modalias}=="pci:v00008086d000025AEsv00000000sd00000000bc06sc04i00"
ATTRS{local_cpus}=="ff"
ATTRS{irq}=="0"
ATTRS{class}=="0x060400"
ATTRS{subsystem_device}=="0x0000"
ATTRS{subsystem_vendor}=="0x0000"
ATTRS{device}=="0x25ae"
ATTRS{vendor}=="0x8086"
looking at parent device '/devices/pci0000:00':
KERNELS=="pci0000:00"
SUBSYSTEMS==""
DRIVERS==""
Notice the 'aacraid' and 'adaptec' values that identify the hardware
raid controller and the 'removable flag. I believe that this is not
a misconfiguration of me and I don't have access to another machine
with a hardware raid controller to test it there.
I've classified this as a serious security hole, since the first user
that is created when installing debian is in group 'floopy' and thus
he may get superuser privileges in many ways and cause total data
loss.
Thanks in advance...
-- Package-specific info:
-- /etc/udev/rules.d/:
/etc/udev/rules.d/:
total 4
lrwxrwxrwx 1 root root 20 2006-02-03 14:43 020_permissions.rules -> ../permissions.rules
lrwxrwxrwx 1 root root 13 2006-02-03 14:43 udev.rules -> ../udev.rules
lrwxrwxrwx 1 root root 25 2006-04-16 12:47 z20_persistent-input.rules -> ../persistent-input.rules
lrwxrwxrwx 1 root root 19 2006-02-03 14:43 z20_persistent.rules -> ../persistent.rules
-rw-r--r-- 1 root root 605 2006-09-20 20:36 z25_persistent-net.rules
lrwxrwxrwx 1 root root 33 2006-05-28 15:54 z45_persistent-net-generator.rules -> ../persistent-net-generator.rules
lrwxrwxrwx 1 root root 12 2006-02-03 14:43 z50_run.rules -> ../run.rules
lrwxrwxrwx 1 root root 16 2006-02-03 14:43 z55_hotplug.rules -> ../hotplug.rules
lrwxrwxrwx 1 root root 29 2006-09-20 20:36 z75_cd-aliases-generator.rules -> ../cd-aliases-generator.rules
-- /sys/:
/sys/block/ram0/dev
/sys/block/ram10/dev
/sys/block/ram11/dev
/sys/block/ram12/dev
/sys/block/ram13/dev
/sys/block/ram14/dev
/sys/block/ram15/dev
/sys/block/ram1/dev
/sys/block/ram2/dev
/sys/block/ram3/dev
/sys/block/ram4/dev
/sys/block/ram5/dev
/sys/block/ram6/dev
/sys/block/ram7/dev
/sys/block/ram8/dev
/sys/block/ram9/dev
/sys/block/sda/dev
/sys/block/sda/sda1/dev
/sys/block/sda/sda2/dev
/sys/block/sda/sda5/dev
/sys/block/sda/sda6/dev
/sys/block/sdb/dev
/sys/block/sdb/sdb1/dev
/sys/block/sdc/dev
/sys/block/sdc/sdc1/dev
/sys/block/sdd/dev
/sys/block/sdd/sdd1/dev
/sys/block/sdd/sdd2/dev
/sys/class/graphics/fb0/dev
/sys/class/i2c-dev/i2c-0/dev
/sys/class/input/input0/event0/dev
/sys/class/input/input1/event1/dev
/sys/class/input/input2/event2/dev
/sys/class/input/input2/mouse0/dev
/sys/class/input/input2/ts0/dev
/sys/class/input/mice/dev
/sys/class/misc/hpet/dev
/sys/class/misc/psaux/dev
/sys/class/misc/snapshot/dev
/sys/class/misc/watchdog/dev
/sys/class/usb_device/usbdev1.1/dev
/sys/class/usb_device/usbdev2.1/dev
/sys/class/usb_device/usbdev3.1/dev
/sys/devices/pci0000:00/0000:00:1d.0/usb2/2-0:1.0/usbdev2.1_ep81/dev
/sys/devices/pci0000:00/0000:00:1d.0/usb2/usbdev2.1_ep00/dev
/sys/devices/pci0000:00/0000:00:1d.1/usb3/3-0:1.0/usbdev3.1_ep81/dev
/sys/devices/pci0000:00/0000:00:1d.1/usb3/usbdev3.1_ep00/dev
/sys/devices/pci0000:00/0000:00:1d.7/usb1/1-0:1.0/usbdev1.1_ep81/dev
/sys/devices/pci0000:00/0000:00:1d.7/usb1/usbdev1.1_ep00/dev
-- Kernel configuration:
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.18-3-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages udev depends on:
ii debconf [debconf-2.0] 1.4.30.13 Debian configuration management sy
ii libc6 2.3.6.ds1-8 GNU C Library: Shared libraries
ii libselinux1 1.32-3 SELinux shared libraries
ii libvolume-id0 0.103-1 libvolume_id shared library
ii lsb-base 3.1-22 Linux Standard Base 3.1 init scrip
-- debconf information:
udev/new_kernel_needed: false
udev/reboot_needed:
--- End Message ---
--- Begin Message ---
- To: Stefanos Harhalakis <v13@priest.com>
- Cc: 404927-done@bugs.debian.org
- Subject: Re: udev believes hardware raid devices are removable and sets the permissions to group floppy
- From: Moritz Muehlenhoff <jmm@inutil.org>
- Date: Mon, 15 Feb 2010 02:26:19 +0100
- Message-id: <20100215012619.GA20863@galadriel.inutil.org>
- In-reply-to: <200612290952.kBT9qg6h009021@alpha.it.teithe.gr>
- References: <200612290952.kBT9qg6h009021@alpha.it.teithe.gr>
On Fri, Dec 29, 2006 at 11:51:41AM +0200, Stefanos Harhalakis wrote:
> Package: udev
> Version: 0.103-1
> Severity: critical
> Tags: security
> Justification: root security hole
>
>
> Hi there,
>
> Just noticed that udev sets the group of the hard disks to 'floppy'
> making them r/w to this group (actually, tiger noticed it):
>
> brw-rw---- 1 root floppy 8, 0 Dec 29 11:25 /dev/sda
> brw-rw---- 1 root floppy 8, 1 Dec 29 11:25 /dev/sda1
> brw-rw---- 1 root floppy 8, 2 Dec 29 11:25 /dev/sda2
> brw-rw---- 1 root floppy 8, 5 Dec 29 11:25 /dev/sda5
> brw-rw---- 1 root floppy 8, 6 Dec 29 11:25 /dev/sda6
> brw-rw---- 1 root floppy 8, 16 Dec 29 11:25 /dev/sdb
> brw-rw---- 1 root floppy 8, 17 Dec 29 11:25 /dev/sdb1
> brw-rw---- 1 root floppy 8, 32 Dec 29 11:25 /dev/sdc
> brw-rw---- 1 root floppy 8, 33 Dec 29 11:25 /dev/sdc1
> brw-rw---- 1 root floppy 8, 48 Dec 29 11:25 /dev/sdd
> brw-rw---- 1 root floppy 8, 49 Dec 29 11:25 /dev/sdd1
> brw-rw---- 1 root floppy 8, 50 Dec 29 11:25 /dev/sdd2
>
> The machine has a hardware raid controller:
This was fixed in udev for Lenny in a point update and shouldn't occur
with recent kernels any longer.
Please reopen if you can still reproduce the error with a current setup.
Cheers,
Moritz
--- End Message ---
Reply to: