Hi experts,
       I'm working on a USB project. This project is going to deliver an SMF 
service which spawns a daemon process to manage USB devices in the system. The 
daemon characteristic and USB hotplugable nature cause some problems.
USB device drivers exports their device nodes as owned by root user with 
permission set to 644. This means only root can do ioctl on the device nodes.
        I know in a daemon process, all needed files and devices can be opened 
before set itself to daemon user and remove some privileges, then the process 
can still access(write) those opened files/devices as daemon user. But for a 
USB device, it can be hotplugged at anytime. If the daemon process has been 
started and set to daemon user, then it can not do ioctl on the newly added USB 
device even if it can open that device node. That's the problem, since some USB 
device will act as host to connect with other USB devices. For security 
reasons, the USB host device node can't be writable worldwide.

       The solutions I can imagine may be:
       a) run the daemon process as root user all along its life, possibly 
remove unused privileges. I'm not sure if it's acceptable. Is there Solaris 
policy about daemon process and its privileges?
       b) set the device node's owner to daemon user. I digged into the 
/devices directory and didn't find any device node whose owner is other than 
root or console user. So, probably this is not a good idea.

Is there any other better solution? Would you please give your valuable advices 
about this issue?

Thanks a lot,
Lei Chen
 
 
This message posted from opensolaris.org

Reply via email to