Randy Fishel wrote:
> On Wed, 26 Aug 2009, Darren J Moffat wrote:
>
>> Garrett D'Amore wrote:
>>> Man pages in the case directory indicate that Primary Administrator (root)
>>> is required to run these commands. Why? It seems like these commands only
>>> access information which should be considered public, so that anyone can run
>>> them. I realize that there is an issue of accessing the underlying device
>>> nodes, but perhaps RBAC can be used to make these commands available to
>>> anyone? (Or perhaps the underlying device node can be provided in "safe,
>>> read-only" type of mode?)
>> I'll ask a more specific question.
>>
>> Exactly what privileges do these commands need to run with to gather the
>> information they need.
>>
>> "Primary Administrator" should never be documented in a man page. If the
>> command really needs all privileges because that is what the device node
>> requires then that is what we document.
>>
>> --
>> Darren J Moffat
>>
>
> I believe that the primary reason for privilege is that it extracts
> the tables via /dev/mem.

Seriously? Is there no other way to get this?

If that is the case then I have some very serious concerns that this case raises. Some of them security related but more about the stability of the interfaces this case is using to get the data if it is reading memory directly.

Surely we have a better way to get this data, and ideally given it is monitoring data we don't want such a massive amount of privilege to read it.

Then again maybe this is in the same category as iasl which (ab)uses /dev/xsvc for a similar purpose.

--
Darren J Moffat