[Dev] Input device files group

Stéphane Desneux stephane.desneux at open.eurogiciel.org
Tue Oct 28 16:45:00 GMT 2014


On 28/10/2014 15:37, Schaufler, Casey wrote:
>> -----Original Message-----
>> From: Dev [mailto:dev-bounces at lists.tizen.org] On Behalf Of Stéphane
>> Desneux
>> Sent: Tuesday, October 28, 2014 6:51 AM
>> Cc: dev at lists.tizen.org
>> Subject: Re: [Dev] Input device files group
>>
>> Hi Lukasz,
>>
>> Sorry for having merged the changes so quickly (30mn for weston-common,
>> though). I thought that such a small change didn't deserve so much
>> attention.
> 
> Setting the groups on a device special file is important
> because of the way we are enforcing application privilege,
> especially in the context of native applications.
> 

I'm well aware of that. Please take a deeper look at the changes I made:
they set the group to 'input' instead of 'root' for all input devices
(instead of only 'event' devices previously, and only in wayland
images). And more important: only in Common images...

Given this explanation, I consider this as a minor change because it
only brings uniformity to something that already existed partially and
only for wayland images. Also note that initially, this udev rule had to
be introduced to allow weston to be run as a normal user, without root
privileges (but being a member of the group 'input').

>> Also, I'm not sure that the rules for defining the permissions on such
>> devices should be global. And currently, you'll notice that every
>> profile is free to define the permissions as needed (because
>> weston-common or x11-common are packages specific to Tizen:Common,
>> not
>> supposed to be inherited directly in a Tizen profile.
> 
> Part of the "as needed" requirement is going to depend on
> the application privileges. Sure, some devices will provide
> different "resources" in different profiles, but that has to be
> coordinated with the privilege definitions.

... which is WIP if I understand correctly.

So let's go back to this simple example with the input devices. All
tizen profiles will probably have input devices. So where outside of
profile/common/* should we put the udev rule that sets permissions for
input devices ?

Currently, this kind of rule are stored in
/lib/udev/rules.d/55-udev-smack-default.rules and provided by systemd.
So if the rule about input devices is a global one (i.e. shared by all
profiles), it's easy to add a line to 55-udev-smack-default.rules and
drop the 2 fixes in weston-common and x11-common.

But using the systemd package to store those rules only related to
security and privileges is not a good idea IMO. Having udevd built
inside systemd and basic rules defined in systemd package doesn't imply
that the security rules should also be there.

Finally, we may need global security rules, enforced for any Tizen
profile and also profile-specific rules (because there'll be
device-specific rules).


BR
Stéphane


More information about the Dev mailing list