summaryrefslogtreecommitdiff
path: root/rules/rules.d
diff options
context:
space:
mode:
authorKay Sievers <kay.sievers@vrfy.org>2008-12-22 14:58:11 +0100
committerKay Sievers <kay.sievers@vrfy.org>2008-12-22 14:58:11 +0100
commita8cf7cf2c7b4c41c14508a808b09a5fa9256a024 (patch)
tree4016a838ff059c7c3883b60c873d8481813d519a /rules/rules.d
parent6b956a99836b936ee252243d9d0680318aaf3f0a (diff)
rules: do not put raw1394 in "video" group
A note on /dev/raw1394's security implications: 1. You cannot access local memory through raw1394, except for ROMs and CSRs that are exposed to other nodes any way. 2. It is extremely hard to manipulate data on attached SBP-2 devices (FireWire storage devices). 3. You can disturb operation of the FireWire bus, e.g. creating a DoS situation for audio/video applications, for SBP-2 devices, or eth1394 network interfaces. 4. If another PC is attached to the FireWire bus, it may be possible to read or overwrite the entire RAM of that remote PC. This depends on the PC's configuration. Most FireWire controllers support this feature (yes, it's not a bug, or at least wasn't intended to be one...) but not all OSs enable the feature. Actually, a cheap setup to achieve #1 by #4 is to have two FireWire controllers in the PC and connect them. https://bugs.launchpad.net/ubuntu/+source/kino/+bug/6290/comments/21
Diffstat (limited to 'rules/rules.d')
-rw-r--r--rules/rules.d/50-udev-default.rules1
1 files changed, 0 insertions, 1 deletions
diff --git a/rules/rules.d/50-udev-default.rules b/rules/rules.d/50-udev-default.rules
index afcf2bc80f..5d91cb6a09 100644
--- a/rules/rules.d/50-udev-default.rules
+++ b/rules/rules.d/50-udev-default.rules
@@ -46,7 +46,6 @@ SUBSYSTEM=="dvb", GROUP="video"
# Firewire
KERNEL=="dv1394[0-9]*", NAME="dv1394/%n", GROUP="video"
KERNEL=="video1394[0-9]*", NAME="video1394/%n", GROUP="video"
-KERNEL=="raw1394*", GROUP="video"
# libusb device nodes
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", NAME="bus/usb/$env{BUSNUM}/$env{DEVNUM}", MODE="0664"