[ewg] Allowing ib dignostics to be run without being logged in as root.

Roland Dreier rdreier at cisco.com
Wed Jun 2 11:58:45 PDT 2010


 > > $> cat /etc/udev/rules.d/80-ib-umad.rules
 > > KERNEL=="umad*", NAME="infiniband/%k", MODE="0666"

 > It is not the same. Your propose to expose /dev/infiniband/umad device
 > access to all world, which is obviously even more dangerous than SUIDing
 > diagnostic programs.

Well, different threats.  Making umad files world-writable means anyone
can inject whatever MADs they want to into the fabric.  On the other
hand, if an arbitrary code execution security hole is found in a
diagnostic program, then having it SUID root means the hole becomes a
local root exploit.  It's hard to assess which is really more dangerous.
-- 
Roland Dreier <rolandd at cisco.com> || For corporate legal information go to:
http://www.cisco.com/web/about/doing_business/legal/cri/index.html



More information about the ewg mailing list