CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	Ed Maste <emaste@FreeBSD.org>
	Thu, 22 Nov 2018 16:55:09 +0000 (16:55 +0000)
committer	Ed Maste <emaste@FreeBSD.org>
	Thu, 22 Nov 2018 16:55:09 +0000 (16:55 +0000)
commit	dc9874eaa0082a67b9fa3ffbaef7dbb18e067b19
tree	a19e33f717cbbdbbc72fd6507f69efca38782b67	tree \| snapshot
parent	d343a7f403bb5651ffb506ae84dd30dbb8e75514	commit \| diff

proto: change device permissions to 0600

C Turt reports that the driver is not thread safe and may have
exploitable races.

Note that the proto device is intended for prototyping and development,
and is not for use on production systems.  From the man page:

SECURITY CONSIDERATIONS
     Because programs have direct access to the hardware, the proto
     driver is inherently insecure.  It is not advisable to use this
     driver on a production machine.

The proto device is not included in any of FreeBSD's kernel config files
(although the module is built).

The issues in the proto device still need to be fixed, and the device is
inherently (and intentionally) insecure, but it might as well be limited
to root only.

admbugs: 782
Reported by: C Turt <ecturt@gmail.com>
MFC after: 3 days
Sponsored by: The FreeBSD Foundation