From: Stefan Richter <stefanr@s5r6.in-berlin.de>
To: linux-hotplug@vger.kernel.org
Subject: Re: Hotplug, 1394, and security
Date: Sun, 27 Nov 2005 13:50:13 +0000 [thread overview]
Message-ID: <4389B995.3050209@s5r6.in-berlin.de> (raw)
In-Reply-To: <20051125213209.GZ20781@conscoop.ottawa.on.ca>
I wrote:
> users/ admins should to be aware that
> device files of nodes with different subunits inherit permissions of
> their least protected subunit. Of course there are not many
> multi-protocol devices, except PCs. I.e. if you ran an AV/C unit on a
> remote PC (or on the local PC), the local Linux PC would grant liberal
> access to it.
An alternative, more secure policy would be to apply the permissions
according to the most protected subunit.
> How are permissions handled during the time after a bus reset until unit
> capabilities are known?
A related issue are subunits whose type is unknown to the udev helper.
--
Stefan Richter
-===-=-=-= =-= =-=
http://arcgraph.de/sr/
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_idv37&alloc_id\x16865&op=click
_______________________________________________
Linux-hotplug-devel mailing list http://linux-hotplug.sourceforge.net
Linux-hotplug-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-hotplug-devel
next prev parent reply other threads:[~2005-11-27 13:50 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-11-25 21:32 Hotplug, 1394, and security Jody McIntyre
2005-11-25 21:49 ` Kurt Konolige
2005-11-25 22:52 ` Jody McIntyre
2005-11-25 23:29 ` Stefan Richter
2005-11-26 6:52 ` Kurt Konolige
2005-11-26 7:07 ` Stefan Richter
2005-11-27 5:03 ` Jody McIntyre
2005-11-27 5:28 ` Jody McIntyre
2005-11-27 5:45 ` Kurt Konolige
2005-11-27 13:39 ` Stefan Richter
2005-11-27 13:50 ` Stefan Richter [this message]
2005-11-27 13:55 ` Stefan Richter
2005-11-28 22:30 ` Jody McIntyre
2005-11-29 0:08 ` Stefan Richter
2005-11-29 5:43 ` Jody McIntyre
2005-11-29 7:57 ` Stefan Richter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4389B995.3050209@s5r6.in-berlin.de \
--to=stefanr@s5r6.in-berlin.de \
--cc=linux-hotplug@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).