[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

/dev/fb* permissions, local DoS

does anyone know why debian has /dev/fb* with 622 permissions? 

the reason i ask is there is a pretty nasty security problem with
this, try the following:

cat /dev/urandom > /dev/fb0

on my system i get a instant kernel panic (2.2.17 from ftp.kernel.org).
since the framebuffer devices are world writable anyone with a shell
account can crash the system, not nice. (i have a blue G3 using

what is broken by setting the permissions on all the framebuffer
devices to 0600 ?

Ethan Benson

Attachment: pgpyruLYWkbli.pgp
Description: PGP signature

Reply to: