[PATCH 5/5] core: allow building and running without udev
Aleksander Morgado
aleksander at aleksander.es
Fri Sep 30 15:38:21 UTC 2016
On Fri, Sep 30, 2016 at 9:29 AM, Aleksander Morgado
<aleksander at aleksander.es> wrote:
>>> The udev rule files are kept in place, and a simple custom parser is
>>> provided
>>> which preloads all rules in memory once and then applies them to the
>>> different
>>> kernel objects reported via ReportKernelEvent(), e.g. to set port
>>> type hints.
>>> A simple unit test setup is prepared to validate the udev rules
>>> during the
>>> `check' Makefile target.
>>>
>>
>> Generally LGTM; though perhaps load_rules_file() should check the file
>> owner and permissions and refuse to parse the file if it's not UID 0
>> (or a different one for testcases) and if it's not 0644. The udev
>> files are potentially untrusted input and MM runs as root.
>
> Ah, will do that, yes. I may also provide some hardcoded length limits
> for property names and such.
Hum... I started to do this but now I'm not sure whether we should do
that. What's the benefit of limiting the read of rule files owned by
root and set as 0644? From my POV; being able to place a rule file in
/usr/lib/udev/rules.d is already a good check; regardless of the
ownership or RWX attributes of the file. Also note that only the files
prefixed with "77-mm", "78-mm", "79-mm" and "80-mm" are processed by
the custom parser.
--
Aleksander
https://aleksander.es
More information about the ModemManager-devel
mailing list