Red Hat Bugzilla – Bug 4390
bad default permissions on various things in /dev
Last modified: 2008-05-01 11:37:51 EDT
This was discussed on Bugtraq last year, but it's worth
reporting as a 'bug' in my opinion:
- various "legacy" cd-rom device files are world-readable by
default. These include:
The problem is that in a default RedHat 6.0 installation, if
any user attempts to 'cat' these files, it will trigger a
module load request by the kernel which results in a kernel
module actually being loaded.
The driver modules for these old ISA cd-roms seem to perform
somewhat dangerous probes to determine if a device is
actually present, cauing the system to freeze up for several
seconds or more.
In fact, depending upon the hardware present in a given
machine, loading one of these modules may even cause a
I was able to completely lock up many machines running Red
Hat 5.2 by 'cat'ing some of these cd-rom device files as a
non-root user. The same is probably true on Red Hat 6.0
depending on the machine. (basically, if there is a conflict
between the probing done by the old cd-rom driver and the
hardware in your computer, it may cause a freeze)
Also, the mouse device files in /dev are world-readable by
default. This may cause problems because I don't think that
the kernel supports multiple readers on these files-- if a
process opens them and tries to read, it may be able to lock
out the X server from reading, or cause the mouse to behave
There may be other problematic device files as well.
Some sound device files in /dev are world-readable too, for
instance (/dev/sndstat for one); any user can cause the
'soundcore', 'soundlow', and 'sound' modules to be loaded by
cat-ing them, although this is probably not a security
I would recommend making at least the 'legacy' cd-rom and
mouse device files non world-readable/writable by default in
Michael, o maintainer of the dev package, do you want to fix this? :)
Fixed in dev-2.7.9 -- thanks for the suggestions.
While I was at it, I noticed that some of the legacy cdrom
devices weren't group disk, so I fixed that as well.