
security implications of giving device access to a user account



Most of us who have used Linux for a length of time know that, typically, normal user accounts do not have direct access to devices under /dev. My memories of this go back to the days of requiring my user account to be in the dialout group in order to use minicom without sudo. Heck, what am I saying... I still use minicom today for switch programming. Old habits die hard, I guess.

Today, a few of us over at rpmfusion are working on adding a complete Raspberry Pi repo. I've got a package review going for the Raspberry Pi VideoCore userland library. As you might be able to gather from the name, this library is required for any software that needs/wants to offload to the GPU. To facilitate that, this package creates the device /dev/vchiq with 660 permissions and is part of the video group. The question has come up whether we should continue with this behavior or whether we should just give it 666 permission.

When I think about this, I realize that I've been doing it a certain way all these years because, you know, security. Just because that's the way we do it. I am not sure I know exactly what the security concerns might be in this case. What risks might we be taking if we allow any user to have read access to this device? I'm curious if there is anyone out there who might be able to speak to this in general terms.

The review request is here if anyone is interested:
https://bugzilla.rpmfusion.org/show_bug.cgi?id=5074

Thanks,
Andy

No Trees were killed in the sending of this message.
However, a large number of electrons were terribly inconvenienced.
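The 660-plus-group versus 666 question in the message above comes down to who can open the node: the owner, members of the owning group, or every local account. The following POSIX shell script is an added example, not code from the message or from the rpmfusion package, that makes the distinction concrete: it classifies a device node from the symbolic mode string in the first column of `ls -l`, counts world-accessible nodes in a list, and offers a live check for world-writable character devices under /dev. The sample device list is constructed for the example; only /dev/vchiq with mode 660 and group video comes from the message.

```shell
#!/bin/sh
# Added example (not from the original message): audit who can open device nodes.

# classify_mode MODE -> prints "owner-only", "group-only" or "world".
# MODE is the 10-character symbolic mode, e.g. crw-rw---- ; a trailing "."
# or "+" (SELinux label / ACL marker printed by ls) is ignored.
classify_mode() {
    mode=$1
    group_bits=$(printf '%s' "$mode" | cut -c5-7)
    other_bits=$(printf '%s' "$mode" | cut -c8-10)
    case $other_bits in
        *r*|*w*) echo world; return 0 ;;
    esac
    case $group_bits in
        *r*|*w*) echo group-only; return 0 ;;
    esac
    echo owner-only
}

# count_world_accessible < "MODE GROUP PATH" lines on stdin
# -> prints how many nodes any local user can read or write (mode o+r or o+w).
count_world_accessible() {
    awk '{ if (substr($1, 8, 3) ~ /[rw]/) n++ } END { print n + 0 }'
}

# report_node PATH -> "MODE GROUP PATH" for a real node, parsed from ls -ld
# (works on GNU and BSD ls; the major/minor column does not disturb $NF).
report_node() {
    ls -ld "$1" | awk '{ print $1, $4, $NF }'
}

# Constructed sample list (not real system output): the /dev/vchiq layout
# described in the message, next to a few typical nodes for comparison.
SAMPLE_DEVICES='crw-rw---- root video /dev/vchiq
crw-rw-rw- root root /dev/null
crw-rw---- root dialout /dev/ttyUSB0
brw-rw---- root disk /dev/sda'

# Walk the sample list and say who can open each node.
print_sample_report() {
    printf '%s\n' "$SAMPLE_DEVICES" | while read -r mode grp path; do
        printf '%-14s %-8s %s\n' "$path" "$grp" "$(classify_mode "$mode")"
    done
}

# Live check: character devices under /dev that are world-writable.
# -perm -002 is accepted by both GNU and BSD find.
live_world_writable() {
    find /dev -type c -perm -002 2>/dev/null
}

print_sample_report
```

With the sample list, /dev/vchiq reports as group-only (only video members and root can open it) while /dev/null reports as world; switching /dev/vchiq to 666 would move it into the second category for every local account, not just the one at the console. One caveat when reading real output: on desktop systems udev and systemd-logind may also grant the active console user access through an ACL (ls shows a trailing "+"), so a 660 node can still be usable by the logged-in user without group membership; the ownership and mode alone do not tell the whole story there.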