Re: missing udev permissions

To: debian-powerpc@lists.debian.org
Subject: Re: missing udev permissions
From: Holger Levsen <debian@layer-acht.org>
Date: Wed, 29 Sep 2004 09:27:34 +0200
Message-id: <[🔎] 200409290927.34081.debian@layer-acht.org>
In-reply-to: <[🔎] 20040925180125.GA23177@pants.nu>
References: <[🔎] 20040925004115.B58562E3AB@murphy.debian.org> <[🔎] 20040925180125.GA23177@pants.nu>

Hi,

On Saturday 25 September 2004 20:01, Brad Boyer wrote:
> On Fri, Sep 24, 2004 at 07:41:15PM -0500, Holger Levsen wrote:
> > I believe the following devices are missing
> > from  /etc/udev/permissions.d/udev.permissions (udev, Version: 0.031-2,
> > sarge install with kernel-image-powerpc-2.6.8):
> >
> > adb:root:users:0660
> > pmu:root:users:0660
> > input/event*:root:users:0660
> >
> > I needed them to be able to use "fnset" as user, and pbbuttons-setupenv
> > suggested them as well.
> >
> > Also I'm not sure into which group these files belong as I don't really
> > know any deeper details about the devices. (And I am a little tired as
> > well ;)
>
> I honestly cannot suggest allowing regular users to access /dev/adb. It
> is a raw interface directly onto the bus, and you can really mess up
> stuff if you misuse it. The code does try to prevent a few things by
> paying a little attention to what you send, but the code for it is most
> certainly not written with user access in mind.
>
> I understand that several utilities like fnset and trackpad use it
> anyway, but I still think it's a bad idea to allow users full access.

Ok, after reading this i fully agree that giving it to the group users is a 
bad idea. Do you think it's a good idea to treat the three above mentioned 
devices the same ?

On Wednesday 29 September 2004 03:13, Bryan Forbes wrote:
> For my machine, I have this in a pmud.permissions file
> in /etc/udev/permissions.d:
>
> pmu:root:pmu:660
>
> Then I added myself to the pmu group.  Works like a charm, and I'd say
> it's fairly secure.  I've thought about proposing this to the developer
> of pmud or pbbuttonsd, but never got around to it.

Would this be a sane approach for a default install ? Give a warning about the 
implied security implications and ask which users to add to the pmu group 
(which has to be created as well)...

At  the moment these devices are not mentioned in /etc/udev which I believe is 
a bug. 

(I'm not really looking for a solution only for myself (then I could easily 
give the devices to my users main group) but a more general approach which 
works out of the box.) 


thanx for your replies,
regards,
 holger

Reply to:

References:
- missing udev permissions
  - From: Holger Levsen <debian@layer-acht.org>
- Re: missing udev permissions
  - From: Brad Boyer <flar@allandria.com>

Prev by Date: Re: No HFS driver, and "change install priority" menu option missing -- and other bugs found while testing 2.4 boot floppies on OldWorld PowerMac
Next by Date: Re: window downgrade from 98 to 95
Previous by thread: Re: missing udev permissions
Next by thread: Re: missing udev permissions
Index(es):
- Date
- Thread