drivers/: Multiple Drivers Are Registered With World Writable Part 3#19453
Conversation
Summary Permissions (Part 3) Description: In kernel builds, any unprivileged process running on the NuttX device can open /dev/efuse and attempt to read/write fuse content. Reading the fuses may provide valuable information to an attacker controlling the user process. The write operation, in extreme cases where the fuse blocks are not locked, may brick the device. DISCLAIMER: I tried to be strict with the settings, better to relax them later if it's needed. This is part of apache#19410 Impact See apache#19410 Testing Compiles ok. Signed-off-by: Catalin Visinescu <catalin_visinescu@yahoo.com>
|
@catalinv-ncc @xiaoxiang781216 @Abhishekmishra2808 I think these changes should be analyzed with more care. I think removing permission from groups will prevent a user added to a group be able to control a device (that should give him access to read/write a device). Also @raiden00pl and @linguini1 please review |
|
The thinking was that we start with these strict settings as we wish to be as strict as possible. If we discover that in some situations some group needs specific permissions, we will evaluate and relax the settings. we might change from 0600 to 0640, for instance. Please let me know if you have other thoughts, thank you. |
yes, I think so. since the check isn't enabled by default, it isn't bad to use more strict permission initially. |
Summary
Permissions (Part 3/3)
Description:
In kernel builds, any unprivileged process running on the NuttX device can open /dev/efuse and attempt to read/write fuse content. Reading the fuses may provide valuable information to an attacker controlling the user process. The write operation, in extreme cases where the fuse blocks are not locked, may brick the device.
DISCLAIMER: I tried to be strict with the settings, better to relax them later if it's needed.
This is part of #19410
Impact
See #19410
Testing
Compiles ok.