Re: Bug#404927: udev believes hardware raid devices are removable and sets the permissions to group floppy
On Jan 05, dann frazier [EMAIL PROTECTED] wrote: Can you point me to (or explain) how the floppy group is currently defined and how it is differentiated by plugdev? It's supposed to be used for removable media: floppy disks, memory cards or USB and firewire hard disks. (Except optical media, which are owned by group cdrom.) Ok - and what is plugdev for? It controls /who/ can mount these devices. -- ciao, Marco signature.asc Description: Digital signature
Re: Bug#404927: udev believes hardware raid devices are removable and sets the permissions to group floppy
On Jan 04, dann frazier [EMAIL PROTECTED] wrote: Mark Salyzyn's reply on LKML suggests that this problem maybe more widespread and possibly difficult audit on the kernel side. Could we do something like change the default block/removable device to GROUP=disk, and override fd type devices w/ GROUP=floppy? This seems like a more secure default for etch, given the circumstances. There is much more than fd type devices which need to be removable so if this needs to be worked around in udev I'd rather use an explicit list of broken drivers. BTW, I understand that HAL and maybe pmount will show the same issue. I also wonder why no other distribution noticed this. -- ciao, Marco signature.asc Description: Digital signature
Re: Bug#404927: udev believes hardware raid devices are removable and sets the permissions to group floppy
On Jan 04, dann frazier [EMAIL PROTECTED] wrote: Right - but what I'm suggesting is that we change the default group for removable block devices from floppy to disk. e.g., something like this untested patch: No way. Look at the reactions to these bugs: #402622, #402649, #321642 BTW, I understand that HAL and maybe pmount will show the same issue. ok - how so? I think they both trust the kernel about knowing if a device is removable or not. I also wonder why no other distribution noticed this. Its probably worth asking on the udev list - you want me to do this? OK. -- ciao, Marco signature.asc Description: Digital signature
Re: Bug#404927: udev believes hardware raid devices are removable and sets the permissions to group floppy
On Thu, Jan 04, 2007 at 05:13:44PM +0100, Marco d'Itri wrote:
On Jan 04, dann frazier [EMAIL PROTECTED] wrote:
Mark Salyzyn's reply on LKML suggests that this problem maybe more
widespread and possibly difficult audit on the kernel side. Could
we do something like change the default block/removable device to
GROUP=disk, and override fd type devices w/ GROUP=floppy? This seems
like a more secure default for etch, given the circumstances.
There is much more than fd type devices which need to be removable so
if this needs to be worked around in udev
Right - but what I'm suggesting is that we change the default group
for removable block devices from floppy to disk.
e.g., something like this untested patch:
--- permissions.rules.orig 2007-01-04 09:21:29.0 -0700
+++ permissions.rules 2007-01-04 09:22:30.0 -0700
@@ -11,7 +11,10 @@
# default permissions for block devices
SUBSYSTEM==block,GROUP=disk
-SUBSYSTEM==block, ATTRS{removable}==1, GROUP=floppy
+SUBSYSTEM==block, ATTRS{removable}==1, GROUP=disk
+
+# floppy devices
+KERNEL==fd[0-9]*,GROUP=floppy
# IDE devices
KERNEL==hd[a-z]|pcd[0-9]*, DRIVERS==ide-cdrom|pcd, \
That seems like a far more secure default for Debian, given that no
users are in the disk group by default.
I'd rather use an explicit list of broken drivers.
In the lifetime of etch, people will be using drivers we haven't yet
seen. Its less of a risk that this will be a floppy device, and it
would have less of an impact.
BTW, I understand that HAL and maybe pmount will show the same issue.
ok - how so?
I also wonder why no other distribution noticed this.
Its probably worth asking on the udev list - you want me to do this?
--
dann frazier
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Bug#404927: udev believes hardware raid devices are removable and sets the permissions to group floppy
On Thu, Jan 04, 2007 at 05:39:31PM +0100, Marco d'Itri wrote: On Jan 04, dann frazier [EMAIL PROTECTED] wrote: Right - but what I'm suggesting is that we change the default group for removable block devices from floppy to disk. e.g., something like this untested patch: No way. Look at the reactions to these bugs: #402622, #402649, #321642 Ok I've read through these reports and it looks like I misunderstood how we currently use the floppy group. It appears to be used for more devices than just floppies, though it seems counterintuitive to me. Can you point me to (or explain) how the floppy group is currently defined and how it is differentiated by plugdev? For now, I can only suggest adding workarounds for the devices identified by Mark in this report - aacraid, ips, and dpt_i2o. And perhaps we should update the passwd/make-user Template in user-setup to warn that this first account will have special priveleges? I think they both trust the kernel about knowing if a device is removable or not. yes, that makes sense - I was only thinking about the security aspect of this issue when I asked, since that is what earned this bug such a high severity. I also wonder why no other distribution noticed this. Its probably worth asking on the udev list - you want me to do this? OK. I'll send a note after this message. I just took a look at the distro config files in the udev upstream tarball, and it looks like we are the only ones that use the removable flag when picking a group, so its probably not a big deal for them, security wise. -- dann frazier -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Bug#404927: udev believes hardware raid devices are removable and sets the permissions to group floppy
On Jan 05, dann frazier [EMAIL PROTECTED] wrote: Can you point me to (or explain) how the floppy group is currently defined and how it is differentiated by plugdev? It's supposed to be used for removable media: floppy disks, memory cards or USB and firewire hard disks. (Except optical media, which are owned by group cdrom.) For now, I can only suggest adding workarounds for the devices identified by Mark in this report - aacraid, ips, and dpt_i2o. I will need to see sample udevinfo output for each driver, unless somebody already knows a rule to match them. yes, that makes sense - I was only thinking about the security aspect of this issue when I asked, since that is what earned this bug such a high severity. Thinking again about this it should not matter for pmount. I am not sure about HAL, but probably not either. -- ciao, Marco signature.asc Description: Digital signature
Re: Bug#404927: udev believes hardware raid devices are removable and sets the permissions to group floppy
On Fri, Dec 29, 2006 at 11:29:59AM +0100, Marco d'Itri wrote: reassign 404927 linux-2.6 thanks On Dec 29, Stefanos Harhalakis [EMAIL PROTECTED] wrote: Notice the 'aacraid' and 'adaptec' values that identify the hardware raid controller and the 'removable flag. I believe that this is not a misconfiguration of me and I don't have access to another machine with a hardware raid controller to test it there. Blame the kernel then, udev just believes the information provided. hey Marco, Can you elaborate on what you believe the kernel is doing incorrectly? My first guess would be the setting of the removable flag, but aacraid claims to be setting this to prevent partition table caching - do you believe that to be an incorrect usage? An explanation for it is here: http://www.ussg.iu.edu/hypermail/linux/kernel/0602.2/1231.html It seems like there is precedence for workarounds for older kernels in permissions.rules, so would it be appropriate to add an override of the default floppy rule for aacraid devices for compatability even if this is a kernel bug? -- dann frazier -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Bug#404927: udev believes hardware raid devices are removable and sets the permissions to group floppy
On Jan 03, dann frazier [EMAIL PROTECTED] wrote: Can you elaborate on what you believe the kernel is doing incorrectly? My first guess would be the setting of the removable flag, but aacraid claims to be setting this to prevent partition table caching - do you believe that to be an incorrect usage? Yes, this looks like an abuse of the interface to me. It seems like there is precedence for workarounds for older kernels in permissions.rules, so would it be appropriate to add an override of the default floppy rule for aacraid devices for compatability even if this is a kernel bug? There are workarounds for bugs which are going to be fixed, but looks like this is going to stay forever... Are there other drivers in this situation? -- ciao, Marco signature.asc Description: Digital signature
Bug#404927: udev believes hardware raid devices are removable and sets the permissions to group floppy
On Wed, Jan 03, 2007 at 11:49:51AM +0100, Marco d'Itri wrote: Are there other drivers in this situation? hey Marco, Mark Salyzyn's reply on LKML suggests that this problem maybe more widespread and possibly difficult audit on the kernel side. Could we do something like change the default block/removable device to GROUP=disk, and override fd type devices w/ GROUP=floppy? This seems like a more secure default for etch, given the circumstances. -- dann frazier -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Bug#404927: udev believes hardware raid devices are removable and sets the permissions to group floppy
reassign 404927 linux-2.6 thanks On Dec 29, Stefanos Harhalakis [EMAIL PROTECTED] wrote: Notice the 'aacraid' and 'adaptec' values that identify the hardware raid controller and the 'removable flag. I believe that this is not a misconfiguration of me and I don't have access to another machine with a hardware raid controller to test it there. Blame the kernel then, udev just believes the information provided. -- ciao, Marco signature.asc Description: Digital signature
Processed: Re: Bug#404927: udev believes hardware raid devices are removable and sets the permissions to group floppy
Processing commands for [EMAIL PROTECTED]: reassign 404927 linux-2.6 Bug#404927: udev believes hardware raid devices are removable and sets the permissions to group floppy Bug reassigned from package `udev' to `linux-2.6'. thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
