From robert@fledge.watson.org  Wed Jan 31 15:54:46 2001
Return-Path: <robert@fledge.watson.org>
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50])
	by hub.freebsd.org (Postfix) with ESMTP id 5CD7B37B4EC
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 31 Jan 2001 15:54:45 -0800 (PST)
Received: (from robert@localhost)
	by fledge.watson.org (8.11.1/8.11.1) id f0VNsit01407;
	Wed, 31 Jan 2001 18:54:44 -0500 (EST)
	(envelope-from robert)
Message-Id: <200101312354.f0VNsit01407@fledge.watson.org>
Date: Wed, 31 Jan 2001 18:54:44 -0500 (EST)
From: rwatson@freebsd.org
Reply-To: rwatson@freebsd.org
To: FreeBSD-gnats-submit@freebsd.org
Subject: devfs uses inappropriate permissions for {acd0,...}
X-Send-Pr-Version: 3.2

>Number:         24765
>Category:       kern
>Synopsis:       /dev mounted from devfs has excessively liberal acd perms
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    sos
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Jan 31 16:00:01 PST 2001
>Closed-Date:    Mon Apr 2 12:24:24 PDT 2001
>Last-Modified:  Mon Apr 02 12:25:46 PDT 2001
>Originator:     Robert Watson
>Release:        FreeBSD 5.0-CURRENT i386
>Organization:
>Environment:

FreeBSD dev2-crash.trustedbsd.org 5.0-CURRENT FreeBSD 5.0-CURRENT #0: Wed Jan 31 17:49:43 EST 2001     root@dev2-crash.trustedbsd.org:/usr/obj/usr/src/sys/GENERIC  i386

>Description:

devfs provides spiffy keen automatic /dev management.  Unfortunately,
some default permissions are poor, and permit leaking of information
inappropriately.

Here are some excerpts from my dev box:

crw-r--r--  1 root  operator  117,   0 Dec 31  1969 acd0a
crw-r--r--  1 root  operator  117,   2 Dec 31  1969 acd0c
lrw-rw-rw-  1 root  wheel            5 Jan 31 18:39 audio -> audio0.0
crw-rw-rw-  1 root  wheel      30,   4 Dec 31  1969 audio0.0
crw-rw-rw-  1 root  wheel      30, 0x00010004 Dec 31  1969 audio0.1
crw-rw-rw-  1 root  wheel      21,   0 Dec 31  1969 bpsm0
lrw-rw-rw-  1 root  wheel            3 Jan 31 18:39 dsp -> dsp0.0
crw-rw-rw-  1 root  wheel      30,   3 Dec 31  1969 dsp0.0
crw-rw-rw-  1 root  wheel      30, 0x00010003 Dec 31  1969 dsp0.1
lrw-rw-rw-  1 root  wheel            4 Jan 31 18:39 dspW -> dspW0.0
crw-rw-rw-  1 root  wheel      30,   5 Dec 31  1969 dspW0.0
crw-rw-rw-  1 root  wheel      30, 0x00010005 Dec 31  1969 dspW0.1
lrw-rw-rw-  1 root  wheel            5 Jan 31 18:39 mixer -> mixer0
crw-rw-rw-  1 root  wheel      30,   0 Dec 31  1969 mixer0
crw-rw-rw-  1 root  wheel      21,   1 Dec 31  1969 psm0

Cam has offered to look into the sound device issues, but the permissions
that really worry me are the ones on the ATAPI CDROM.  Just because I
put a CD in the drive doesn't mean that every user should be able to
read from it.  Using the same settings as for the ad* devices might make
the most sense.  There may be other devices that have excessively liberal
permissions, and the kernel should be reviewed to determine that they
are correct, and documentation of devfs node creation calls should be
sure to warn device developers that they need to be careful.

>How-To-Repeat:

Use GENERIC after options DEVFS was enabled by default.

>Fix:

Find device developer.  Hit device developer with corrected manpage.
Fix code.


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->sos 
Responsible-Changed-By: kris 
Responsible-Changed-When: Fri Feb 2 02:45:59 PST 2001 
Responsible-Changed-Why:  
Over to Mr ATA 

http://www.freebsd.org/cgi/query-pr.cgi?pr=24765 
State-Changed-From-To: open->closed 
State-Changed-By: sos 
State-Changed-When: Mon Apr 2 12:24:24 PDT 2001 
State-Changed-Why:  
It has been taken under consideration, it will change  
eventually when devfs becomes mandatory. 


>Unformatted:
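
Added example, not part of the original report or of FreeBSD code: one way to carry out the review the description asks for, by flagging every character or block device node that grants read or write access to "other". The function names and the CONSTRUCTED sample line are assumptions made for this sketch; the REPORT_LISTING lines are copied from the excerpt in the report.

```python
import os
import stat

# Sample input: lines copied from the listing in the report above.
REPORT_LISTING = """\
crw-r--r--  1 root  operator  117,   0 Dec 31  1969 acd0a
lrw-rw-rw-  1 root  wheel            5 Jan 31 18:39 audio -> audio0.0
crw-rw-rw-  1 root  wheel      30, 0x00010004 Dec 31  1969 audio0.1
crw-rw-rw-  1 root  wheel      21,   1 Dec 31  1969 psm0
"""
# Constructed line (not from the report): a node with no access for "other".
CONSTRUCTED = "crw-r-----  1 root  operator  116,   0 Dec 31  1969 example0\n"

def world_access(mode):
    """Return 'r', 'w', 'rw' or '' for the "other" bits of an ls-style mode."""
    # Only device nodes are reported; a symlink is judged by its target node,
    # which appears on its own line.
    if len(mode) < 10 or mode[0] not in "cb":
        return ""
    other = mode[7:10]
    return ("r" if other[0] == "r" else "") + ("w" if other[1] == "w" else "")

def audit_listing(text):
    """Map node name -> world access for each exposed device in `ls -l` text."""
    findings = {}
    for line in text.splitlines():
        fields = line.split() or [""]
        access = world_access(fields[0])
        if access:
            # The node name is the last field, whatever the major/minor format.
            findings[fields[-1]] = access
    return findings

def audit_live(dev_dir="/dev"):
    """Same check on a mounted /dev; lstat() so symlinks are not followed."""
    findings = {}
    for name in sorted(os.listdir(dev_dir)):
        try:
            mode = stat.filemode(os.lstat(os.path.join(dev_dir, name)).st_mode)
        except OSError:
            continue  # node vanished or is not accessible to this user
        access = world_access(mode)
        if access:
            findings[name] = access
    return findings

if __name__ == "__main__":
    for name, access in audit_listing(REPORT_LISTING + CONSTRUCTED).items():
        print(f"{name}: world {access}")
```

audit_live() applies the same rule to a running system, so its output can be compared against the nodes that are meant to be world-accessible.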
