I don't see any security implications, to be actually useful,
/dev/cpu/<n>/cpuid should be world readable. The cpuid instruction
can be called from userspace anyway, so there is nothing to hide.
The device does not support any write operation, so 0444 should
suffice.
Signed-off-by: Andre Przywara <andre.przywara@amd.com>
On Thu, Apr 23, 2009 at 11:39, Alan Jenkins <alan-jenkins@tuffmail.co.uk> wrote:
> I'm puzzled by this function:
>
> /* if we have not seen this seqnum, check if it is/was already queued */
> if (seqnum < udev_queue->last_seen_udev_seqnum) {
> udev_queue_get_udev_seqnum(udev_queue);
> if (seqnum < udev_queue->last_seen_udev_seqnum)
>
> Shouldn't the test be (seqnum > udev_queue->last_seen_udev_seqnum) ?
Since cciss devices can be BIOS boot devices just as well as sd* and
hd*, the edd_id program should be run on them so that the later
/dev/disk/by-id/edd-* rules will work.
Messages send back by the udev daemon to the netlink socket are
multiplexed by the kernel and delivered to multiple clients. The
clients can upload a socket filter to let the kernel drop messages
not belonging to a certain subsystem. This prevent needless wakeups
and message processing for users who are only interested in a
subset of available events.
Recent kernels allow untrusted users to listen to the netlink
messages.
The messages send by the udev daemon are versioned, to prevent any
custom software reading them without libudev. The message wire format
may change with any udev version update.
For added protection, ignore any unicast message received on the
netlink socket or any multicast message on the kernel group not
received from the kernel.
Signed-off-by: Scott James Remnant <scott@ubuntu.com>
The netlink socket is now used by udev event processes. We should take
care not to pass it to the programs they execute. This is the same way
the inotify fd was handled.
Signed-off-by: Alan Jenkins <alan-jenkins@tuffmail.co.uk>
Instead of of our own private monitor socket, we send the
processed event back to our netlink socket, to the multicast
group 2 -- so any number of users can listen to udev events,
just like they can listen to kernel emitted events on group 1.
On Wed, Mar 18, 2009 at 16:00, Matthias Schwarzott <zzam@gentoo.org> wrote:
found out how the error occurs:
It is a difference between
A. udevadm test /sys/class/mem/null/
and
B. udevadm test /sys/class/mem/null
Case A was the case that showed the error behaviour. It seems udevadm is
confused by the trailing slash. This behaviour seems to be there since ages.