From mboxrd@z Thu Jan  1 00:00:00 1970
Return-path: <ptxdist-bounces@pengutronix.de>
Received: from ptx.hi.pengutronix.de ([2001:6f8:1178:2:5054:ff:fec0:8e10]
	ident=Debian-exim) by metis.ext.pengutronix.de with esmtp (Exim 4.72)
	(envelope-from <mol@pengutronix.de>) id 1TO9a5-0008UE-PP
	for ptxdist@pengutronix.de; Tue, 16 Oct 2012 18:01:21 +0200
Received: from mol by ptx.hi.pengutronix.de with local (Exim 4.72)
	(envelope-from <mol@pengutronix.de>) id 1TO9a5-0003IS-Ns
	for ptxdist@pengutronix.de; Tue, 16 Oct 2012 18:01:21 +0200
Date: Tue, 16 Oct 2012 18:01:21 +0200
From: Michael Olbrich <m.olbrich@pengutronix.de>
Message-ID: <20121016160121.GO29469@pengutronix.de>
References: <1350402332-25097-1-git-send-email-post@lespocky.de>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <1350402332-25097-1-git-send-email-post@lespocky.de>
Subject: Re: [ptxdist] [PATCH] rootfs: change permissions of initial device
 nodes according to LFS 6.1.1
Reply-To: ptxdist@pengutronix.de
List-Id: PTXdist Development Mailing List <ptxdist.pengutronix.de>
List-Unsubscribe: <http://metis.pengutronix.de/cgi-bin/mailman/options/ptxdist>, 
	<mailto:ptxdist-request@pengutronix.de?subject=unsubscribe>
List-Archive: <http://metis.pengutronix.de/pipermail/ptxdist>
List-Post: <mailto:ptxdist@pengutronix.de>
List-Help: <mailto:ptxdist-request@pengutronix.de?subject=help>
List-Subscribe: <http://metis.pengutronix.de/cgi-bin/mailman/listinfo/ptxdist>, 
	<mailto:ptxdist-request@pengutronix.de?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ptxdist-bounces@pengutronix.de
Errors-To: ptxdist-bounces@pengutronix.de
To: ptxdist@pengutronix.de

On Tue, Oct 16, 2012 at 05:45:32PM +0200, Alexander Dahl wrote:
> Non priviledged users could not write to /dev/null before. Checked the
> correct permissions by looking at Ubuntu/Debian and LFS. The
> permissions are maybe overwritten by udev, but on targets without udev
> but static dev tree, this would prevent non-root users to access these
> devices.

I can accept the changes for /dev/null and /dev/zero, but I don't think
user processes should access /dev/console. That's what ttys are for.

Michael

> Signed-off-by: Alexander Dahl <post@lespocky.de>
> ---
>  rules/rootfs.make |    6 +++---
>  1 files changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/rules/rootfs.make b/rules/rootfs.make
> index 4ba33d1..1f9a0f0 100644
> --- a/rules/rootfs.make
> +++ b/rules/rootfs.make
> @@ -38,9 +38,9 @@ ifdef PTXCONF_ROOTFS_DEV
>  	@$(call install_copy, rootfs, 0, 0, 0755, /dev)
>  endif
>  ifdef PTXCONF_ROOTFS_DEV_INITIAL
> -	@$(call install_node, rootfs, 0, 0, 0644, c, 1, 3, /dev/null)
> -	@$(call install_node, rootfs, 0, 0, 0644, c, 1, 5, /dev/zero)
> -	@$(call install_node, rootfs, 0, 0, 0600, c, 5, 1, /dev/console)
> +	@$(call install_node, rootfs, 0, 0, 0666, c, 1, 3, /dev/null)
> +	@$(call install_node, rootfs, 0, 0, 0666, c, 1, 5, /dev/zero)
> +	@$(call install_node, rootfs, 0, 0, 0622, c, 5, 1, /dev/console)
>  endif
>  ifdef PTXCONF_ROOTFS_HOME
>  	@$(call install_copy, rootfs, 0, 0, 2775, /home)
> -- 
> 1.7.2.5
> 
> 
> -- 
> ptxdist mailing list
> ptxdist@pengutronix.de
> 

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

-- 
ptxdist mailing list
ptxdist@pengutronix.de