From owner-freebsd-hackers  Mon Jul 17 12:45:42 2000
Delivered-To: freebsd-hackers@freebsd.org
Received: from rover.village.org (rover.village.org [204.144.255.49])
	by hub.freebsd.org (Postfix) with ESMTP
	id 9FFB237BACA; Mon, 17 Jul 2000 12:45:37 -0700 (PDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (harmony.village.org [10.0.0.6])
	by rover.village.org (8.9.3/8.9.3) with ESMTP id NAA81750;
	Mon, 17 Jul 2000 13:45:34 -0600 (MDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id NAA63703; Mon, 17 Jul 2000 13:45:29 -0600 (MDT)
Message-Id: <200007171945.NAA63703@harmony.village.org>
To: Hajimu UMEMOTO <ume@mahoroba.org>
Subject: Re: sysctl interface for apm? 
Cc: nsayer@freebsd.org, nsayer@sftw.com, freebsd-hackers@freebsd.org
In-reply-to: Your message of "Tue, 18 Jul 2000 04:41:21 +0900."
		<20000718.044121.71098397.ume@mahoroba.org> 
References: <20000718.044121.71098397.ume@mahoroba.org>  <200007171753.LAA62543@harmony.village.org> <39734D36.5FC7DDA@sftw.com> <200007171914.NAA63275@harmony.village.org> 
Date: Mon, 17 Jul 2000 13:45:29 -0600
From: Warner Losh <imp@village.org>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message <20000718.044121.71098397.ume@mahoroba.org> Hajimu UMEMOTO writes:
: Indeed, I wish to have a method to obtain required information without
: extra privilege.  We need safety way.
: Currentry, GKrellM opens /dev/apm with O_RDWR.  I just tried to open
: with O_RDONLY and see it is sufficient for APMIO_GETINFO.  I'll send
: the change to the author of GKrellM.

It is sufficient for APMIO_GETINFO, but it will introduce a security
hole as the apm ioctls aren't careful enough about their sanity
checking.  I've added such sanity checking in my local copy of apm and
will test it tonight when I have access to my laptop.

The holes are introduced by the chmod 664 /dev/apm, not by doing the
open rdonly :-).

If you'll send me a pointer to gkrellm, I'll see about putting it up
on my laptop and making sure that my stuff works with it.

Warner


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message