On Dec 21, 8:52pm, Diego Zamboni wrote:
> Subject: World writable devices in Irix?
>
> I'm just speculating here (I'm not an expert on Irix internals), but the
> following default permissions in Irix 5.3 look a bit dangerous to me:
>
> crw-rw-rw- 1 root sys 10, 56 Sep 11 1995 /dev/gfx
> crw-rw-rw- 2 root sys 0, 30 Sep 11 1995 /dev/keybd
> crw-rw-rw- 2 root sys 0, 31 Sep 11 1995 /dev/mouse
>
> Does this mean that anybody can read/write to the graphics display, the
> keyboard and the mouse?
I expect it does. But note that there is also:
crw-rw-rw- 1 root sys 39, 0 Mar 4 1994 /dev/audio
which means that anyone can listen in to what is being said around your
workstation.
*ALL* such devices *SHOULD* have their ownership and permissions set to
what is required by the Xstartup script (in /usr/lib/X11/xdm == /var/X11/xdm).
They should also be reset to be owned by root (and not necessarily
work-readable, otherwise you could snoop on the /dev/audio of a workstation
which isn't being used) by the Xreset file.
However, I haven't yet seen a workstation that has any device file
configuring done in these two files. And it is not necessarily obvious which
device files need to be changed, and what permission bits need to be set.
Workstation vendors *SHOULD* add these parts themselves (they are the ones
who really know which device does what). At the very least they could put them
into an if clause which you have to edit to activate. But they *SHOULD* add
the relevent code themselves.....
I look forward to hearing whether any vendor actually does do this. I
will be even more impressed if there is one which does it correctly (and
adds/changes lines as new devices are added!!).