[lockdev-devel] drop baudboy.h?
Ludwig Nussel
ludwig.nussel at suse.de
Mon May 3 15:17:37 UTC 2010
Roger Leigh wrote:
> Is this difference in the /var/lock permissions the sole need for
> baudboy.h?
I think so, yes. If /var/lock is world writeable like on Debian
there is no need for a setgid helper.
> The ownership and permissions of /var/lock aren't specified in the FHS
> or LSB, but existing usage of serial device locks for e.g. modems by
> users in an appropriate group would suggest that users should have the
> ability to create such locks. I guess there's a potential for abuse
> here if rogue users create locks to deny service to a device; is this
> the rationale for restricting use?
I don't know why distributions chose different permissions for
/var/lock. Not allowing anyone to write there avoids the usual
symlink tricks due to tmp races at least. Of course there is
potential for users to create fake locks. It's easy for anyone to
find the culprit though as one cannot fake the owner of the lock
file. The lock files are advisory locks anyways so one could just as
well ignore them, open the device a second time and cause arbitrary
corruption. So users and programs are expected to cooperate here.
cu
Ludwig
--
(o_ Ludwig Nussel
//\
V_/_ http://www.suse.de/
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
More information about the lockdev-devel
mailing list