Date:      Wed, 26 Nov 2003 11:42:27 -0500
From:      Mike Tancsa <mike@sentex.net>
To:        freebsd-security@freebsd.org
Subject:   Re: perms of /dev/uhid0 
Message-ID:  <6.0.1.1.0.20031126112219.045d4668@209.112.4.2>
In-Reply-To: <6.0.1.1.0.20031126104757.034e1988@209.112.4.2>
References:  <6.0.1.1.0.20031126101602.06e8e9f0@209.112.4.2> <20031126102631.L16087@cithaeron.argolis.org> <6.0.1.1.0.20031126104757.034e1988@209.112.4.2>


Actually, I was reminded off list that I can drop privs after I open the 
device, e.g.

         fd = open( devname, O_RDONLY );
         if( fd < 0 ) {
                 perror( "open" );
                 return -1;
         }

         /* when we get a SigUSR spit out to syslog the current battery level */
         signal(SIGUSR1,  handleSignal);


         if (!(pwent = getpwnam("nobody")))
         {
                 fprintf(stderr, "There must be a user called nobody for this program to work!");
                 exit(1);
         }
         else if (setuid(pwent->pw_uid) == -1)
         {
                 perror("Can't drop privileges");
                 exit(1);
         }

Thanks to all who responded!

         ---Mike


At 10:53 AM 26/11/2003, Mike Tancsa wrote:
>At 10:28 AM 26/11/2003, Matt Piechota wrote:
>>On Wed, 26 Nov 2003, Mike Tancsa wrote:
>>
>> > gastest# ls -l /dev/uhid0
>> > crw-rw----  1 root  operator  122,   0 Nov 12 05:26 /dev/uhid0
>> > gastest#
>> >
>> > Is it safe to chmod o+r /dev/uhid0 ?  Or is there a better way to drop
>> > privs of the daemon yet still be able to read from the device ?
>>
>>Maybe I'm a bit off, but: wouldn't it be okay to 'chgrp upsmon /dev/uhid0'
>>in usbd.conf, and make a upsmon user and group to run the daemon under?
>
>I know for our setup, there is nothing else that would need to talk to 
>this device so I could do something like that.  Not sure of the 
>implications if someone unplugged the UPS and put their own device into 
>the port.  The physical server is in a locked box, but the UPS is not. So 
>if they somehow managed to blow up the daemon by overflowing a buffer, it 
>would be nice that it's a non-root user.  However, I do not try and read 
>more than sizeof(buffer) so I don't see any obvious ways...
>
>         ---Mike
>_______________________________________________
>freebsd-security@freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-security
>To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
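
An added example, not code from the original message: the open-then-drop pattern described above as a self-contained C program. It goes beyond the posted snippet by also dropping root's group memberships (`setgroups`, `setgid`) before `setuid` and by verifying that root cannot be regained. The helper names `drop_privileges` and `open_then_drop` are hypothetical; the device path and the `nobody` account are the ones from the thread.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE            /* glibc: expose setgroups() */
#endif
#include <fcntl.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical helper: switch to uid/gid for good. Returns 0 on success, -1 on failure. */
int drop_privileges(uid_t uid, gid_t gid)
{
    /* Groups go first: once setuid() succeeds, the right to change them is gone. */
    if (geteuid() == 0 && setgroups(1, &gid) != 0)  /* clear root's supplementary groups */
        return -1;
    if (setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    /* Verify instead of trusting return codes: IDs match and root is out of reach. */
    if (getuid() != uid || geteuid() != uid || getgid() != gid || getegid() != gid)
        return -1;
    if (uid != 0 && setuid(0) == 0)
        return -1;
    return 0;
}

/* Hypothetical helper: open path with the starting privileges, then run as `user`.
 * Returns the still-open descriptor, or -1 on any failure. */
int open_then_drop(const char *path, const char *user)
{
    struct passwd *pw;
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return -1;
    pw = getpwnam(user);
    if (pw == NULL || drop_privileges(pw->pw_uid, pw->pw_gid) != 0) {
        close(fd);
        return -1;
    }
    return fd;   /* permissions were checked at open(); the fd outlives the drop */
}

int main(void)
{
    int fd = open_then_drop("/dev/uhid0", "nobody");  /* path and account from the thread */
    if (fd < 0) {
        fprintf(stderr, "open or privilege drop failed\n");
        return 1;
    }
    printf("holding fd %d as uid %d gid %d\n", fd, (int)getuid(), (int)getgid());
    return close(fd);
}
```

A daemon that gets -1 back should exit rather than keep running with whatever privileges it still holds.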


