Re: User with no write permission on device can play audio

To: netbsd-users <netbsd-users%netbsd.org@localhost>
Subject: Re: User with no write permission on device can play audio
From: Julio Merino <jmmv%NetBSD.org@localhost>
Date: Sat, 7 Apr 2012 15:57:59 -0400

On Sat, Apr 7, 2012 at 2:02 PM, Mayuresh <mayuresh%acm.org@localhost> wrote:
> Understood that flash plugin runs via Linux emulation, which uses devices
> under emul/linux/
>
> To impose desired permissions for software that uses Linux emulation, I
> need to set the permissions under emul/linu/dev/sound* etc.
>
> Still wonder, isn't the physical device ultimately same? Can't setting the
> permissions on /dev/sound* restrict the permissions even for emulated
> devices? Does something run with setuid?

The permissions are on the _file_, not the kernel device.  Therefore,
if you have multiple device files pointing to the same major/minor
device combination, you'll need to ensure that all these files have
the appropriate permissions set.  Otherwise, as you have found, one
file will allow access to the hardware while the other won't.

And that's why mknod(2) won't allow regular users to create device files.

-- 
Julio Merino / @jmmv

References:
- User with no write permission on device can play audio
  - From: Mayuresh
- Re: User with no write permission on device can play audio
  - From: Mayuresh

Prev by Date: Re: User with no write permission on device can play audio
Next by Date: Re: Dummy network interface
Previous by Thread: Re: User with no write permission on device can play audio
Next by Thread: Dummy network interface
Indexes:

Home | Main Index | Thread Index | Old Index