[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: /dev/fb* permissions, local DoS

this is some strange

hour:/home/kr0n# cat /dev/urandom > /dev/fb0
bash: /dev/fb0: No such device

hour:/home/kr0n# ls -ls /dev/fb0
 0 crw--w--w-    1 root     tty       29,   0 Jul  5 14:44 /dev/fb0

Ethan Benson wrote:

On Mon, Nov 20, 2000 at 10:09:23AM +0100, Michel Dänzer wrote:

So 0620 might be better, with /dev/fb in group video or a dedicated group.

that seems more reasonable.

This is on a SuSE 6.4 system BTW:

crw-rw----   1 root     video     29,   0 Mar 11  2000 /dev/fb0

this is broken IMO, it allows all members of group video to grab a
copy of the current framebuffer contents. 620 is safer.

Reply to: