From: Mike Tancsa
To: freebsd-security@freebsd.org
Date: Wed, 26 Nov 2003 11:42:27 -0500
Subject: Re: perms of /dev/uhid0

Actually, I was reminded off list that I can drop privs after I open the device.
e.g.

    /* open the device while still running as root */
    fd = open( devname, O_RDONLY );
    if( fd < 0 ) {
        perror( "open" );
        return -1;
    }

    /* when we get a SIGUSR1 spit out to syslog the current battery level */
    signal(SIGUSR1, handleSignal);

    /* the descriptor is already open, so switch to the nobody user */
    if (!(pwent = getpwnam("nobody"))) {
        fprintf(stderr, "There must be a user called nobody for this program to work!");
        exit(1);
    } else if (setuid(pwent->pw_uid) == -1) {
        perror("Can't drop privileges");
        exit(1);
    }

Thanks to all who responded!

        ---Mike

At 10:53 AM 26/11/2003, Mike Tancsa wrote:
>At 10:28 AM 26/11/2003, Matt Piechota wrote:
>>On Wed, 26 Nov 2003, Mike Tancsa wrote:
>>
>> > gastest# ls -l /dev/uhid0
>> > crw-rw---- 1 root operator 122, 0 Nov 12 05:26 /dev/uhid0
>> > gastest#
>> >
>> > Is it safe to chmod o+r /dev/uhid0 ? Or is there a better way to drop
>> > privs of the daemon yet still be able to read from the device ?
>>
>>Maybe I'm a bit off, but: wouldn't it be okay to 'chgrp upsmon /dev/uhid0'
>>in usbd.conf, and make a upsmon user and group to run the daemon under?
>
>I know for our setup, there is nothing else that would need to talk to
>this device so I could do something like that. Not sure of the
>implications if someone unplugged the UPS and put their own device into
>the port. The physical server is in a locked box, but the UPS is not. So
>if they somehow managed to blow up the daemon by overflowing a buffer, it
>would be nice that it's a non-root user. However, I do not try and read
>more than sizeof(buffer) so I don't see any obvious ways...
>
> ---Mike
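
The open-then-drop pattern from the reply above, as an added example that is not code from the thread. It goes beyond the posted fragment: it also resets the supplementary groups and the gid before calling setuid(), and it verifies that uid 0 cannot be regained. The function names drop_to_user and open_then_drop are hypothetical; /dev/uhid0 and nobody are taken from the post.

```c
#define _DEFAULT_SOURCE            /* glibc: expose setgroups() */
#include <fcntl.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: permanently switch to `user`.
 * Returns 0 only when the switch is complete and root cannot be regained. */
int drop_to_user(const char *user)
{
    struct passwd *pw = getpwnam(user);
    if (pw == NULL)
        return -1;
    /* Order matters: groups and gid first, while we may still change them.
     * setgroups() replaces root's supplementary groups with the target gid. */
    if (setgroups(1, &pw->pw_gid) == -1 || setgid(pw->pw_gid) == -1 ||
        setuid(pw->pw_uid) == -1)
        return -1;
    /* Verify instead of trusting return codes: root must be unreachable. */
    if (pw->pw_uid != 0 && setuid(0) == 0)
        return -1;
    if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid ||
        getgid() != pw->pw_gid || getegid() != pw->pw_gid)
        return -1;
    return 0;
}

/* Hypothetical helper: open the device with the starting privileges, then
 * drop them. Returns the descriptor, or -1 with nothing left open. */
int open_then_drop(const char *devname, const char *user)
{
    int fd = open(devname, O_RDONLY);
    if (fd < 0)
        return -1;
    if (drop_to_user(user) == -1) {
        close(fd);                 /* never keep the device while privileged */
        return -1;
    }
    return fd;
}

int main(void)
{
    int fd = open_then_drop("/dev/uhid0", "nobody");  /* names from the post */
    if (fd < 0) {
        fprintf(stderr, "could not open device or drop privileges\n");
        return 1;
    }
    printf("holding fd %d as uid %d gid %d\n", fd, (int)getuid(), (int)getgid());
    return 0;
}
```

The descriptor stays usable after the drop because the permission check on the device node happens at open() time, not on each read().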