Re: perms of /dev/uhid0

• Previous message: Matt Piechota: "Re: perms of /dev/uhid0"
• In reply to: Matt Piechota: "Re: perms of /dev/uhid0"
• Next in thread: Matt Piechota: "Re: perms of /dev/uhid0"
• Reply: Matt Piechota: "Re: perms of /dev/uhid0"
• Reply: Mike Tancsa: "Re: perms of /dev/uhid0"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 26 Nov 2003 10:53:20 -0500
To: Matt Piechota <piechota@argolis.org>

At 10:28 AM 26/11/2003, Matt Piechota wrote:
>On Wed, 26 Nov 2003, Mike Tancsa wrote:
>
> > gastest# ls -l /dev/uhid0
> > crw-rw---- 1 root operator 122, 0 Nov 12 05:26 /dev/uhid0
> > gastest#
> >
> > Is it safe to chmod o+r /dev/uhid0 ? Or is there a better way to drop
> > privs of the daemon yet still be able to read from the device ?
>
>Maybe I'm a bit off, but: wouldn't it be okay to 'chgrp upsmon /dev/uhid0'
>in usbd.conf, and make a upsmon user and group to run the daemon under?

I know for our setup, there is nothing else that would need to talk to this
device so I could do something like that. Not sure of the implications if
someone unplugged the UPS and put their own device into the port. The
physical server is in a locked box, but the UPS is not. So if they somehow
managed to blow up the daemon by overflowing a buffer, it would be nice
that its a non root user. However, I do not try and read more than
sizeof(buffer) so I dont see any obvious ways...

         ---Mike

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

• Previous message: Matt Piechota: "Re: perms of /dev/uhid0"
• In reply to: Matt Piechota: "Re: perms of /dev/uhid0"
• Next in thread: Matt Piechota: "Re: perms of /dev/uhid0"
• Reply: Matt Piechota: "Re: perms of /dev/uhid0"
• Reply: Mike Tancsa: "Re: perms of /dev/uhid0"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: perms of /dev/uhid0 ... I was reminded off list that I can drop privs after I open the ... and make a upsmon user and group to run the daemon under? ... The physical server is in a locked box, but the UPS is not. ... >if they somehow managed to blow up the daemon by overflowing a buffer, ... (FreeBSD-Security) Re: UPS for newbie (?) ... I'd recommend an APC UPS, ... to the PC - but that's still enough for the daemon to shut things down ... "Linux" - compatibility isn't an issue so you could just as easily grab it ... (alt.os.linux.suse) Re: NUT wont restart (FreeBSD 4.11) ... > I'm using Network UPS Tools from ports/sysutils to manage two Belkin UPSes ... > using the Belkin Universal driver, ... then the first UPS won't sync up with the driver daemon. ... (comp.unix.bsd.freebsd.misc) NUT wont restart (FreeBSD 4.11) ... I'm using Network UPS Tools from ports/sysutils to manage two Belkin UPSes ... using the Belkin Universal driver, ... then the first UPS won't sync up with the driver daemon. ... (comp.unix.bsd.freebsd.misc)