Date: Sat, 23 Feb 2002 01:08:19 -0800 (PST)
From: "George W. Dinolt" <gdinolt@pacbell.net>
To: freebsd-gnats-submit@FreeBSD.org
Subject: kern/35234: World access to /dev/pass? (for scanner) requires access to /dev/xpt?
Message-ID: <200202230908.g1N98JB35850@freefall.freebsd.org>

>Number: 35234
>Category: kern
>Synopsis: World access to /dev/pass? (for scanner) requires access to /dev/xpt?
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Feb 23 01:10:01 PST 2002
>Closed-Date:
>Last-Modified:
>Originator: George W. Dinolt
>Release: FreeBSD 5.0 Current
>Organization:
>Environment:
FreeBSD dinolt2.bingdrive.org 5.0-CURRENT FreeBSD 5.0-CURRENT #0: Fri Feb 15 11:18:12 PST 2002 root@dinolt2.bingdrive.org:/usr/obj/usr/src/sys/DS-50 i386
>Description:
I have a scanner on my scsi chain. It currently is visible on /dev/pass2. In FreeBSD 4.4 (and previous), I only had to change permissions on /dev/pass2 to 666 to allow anyone to access the scanner. On a very recent 5.0 Current build, I also have to change the permissions on /dev/xpt0 to 666 in order to enable a user other than "root" access to the scanner. I am using sane and xsane as my scanner tools.

I think this introduces a security vulnerability, since /dev/xpt0 is now world readable/writeable.
>How-To-Repeat:
Put a scanner on the scsi chain. Determine the pass device node associated with the scanner. Change the permissions on that pass device node to 666. Note that the scanning software will fail with a no device available message. Change permissions on /dev/xpt0 to 666. Note that the scanner is now accessible.
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
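
An added example, not part of the original report: a POSIX shell check that lists CAM passthrough (`pass*`) and transport (`xpt*`) device nodes whose world read or write bits are set, which is the state the report describes after the chmod to 666. The function name `world_access_nodes` and its directory argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the report): flag pass*/xpt* nodes that grant
# read or write access to "other". The directory argument is an assumption
# of this example so the check can be pointed at a test tree instead of /dev.

world_access_nodes() {
    dir=${1:-/dev}
    for node in "$dir"/pass[0-9]* "$dir"/xpt[0-9]*; do
        # An unmatched glob is left as a literal pattern; skip it.
        [ -e "$node" ] || continue

        # First 10 characters of ls -ld are type + permission bits,
        # e.g. "crw-rw-rw-". Characters 8 and 9 are other-read/other-write.
        mode=$(ls -ld "$node" | cut -c1-10)
        other=$(printf '%s' "$mode" | cut -c8-9)

        name=${node##*/}
        case $name in
            xpt*) kind=transport ;;      # the node the report is worried about
            *)    kind=passthrough ;;    # per-device node, e.g. the scanner
        esac

        case $other in
            --) ;;                       # no world read or write: not reported
            *)  printf '%s %s %s\n' "$mode" "$kind" "$name" ;;
        esac
    done
}

# Run against the live device directory when executed directly.
world_access_nodes "${1:-/dev}"
```

Each output line gives the mode string, the node kind, and the node name; no output means no matching node is world readable or writable.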