mirror of
https://github.com/systemd/systemd-stable.git
synced 2025-02-27 13:57:26 +03:00
A note on /dev/raw1394's security implications:

1. You cannot access local memory through raw1394, except for ROMs and CSRs
   that are exposed to other nodes anyway.
2. It is extremely hard to manipulate data on attached SBP-2 devices
   (FireWire storage devices).
3. You can disturb operation of the FireWire bus, e.g. creating a DoS
   situation for audio/video applications, for SBP-2 devices, or eth1394
   network interfaces.
4. If another PC is attached to the FireWire bus, it may be possible to read
   or overwrite the entire RAM of that remote PC. This depends on the PC's
   configuration. Most FireWire controllers support this feature (yes, it's
   not a bug, or at least wasn't intended to be one...) but not all OSs
   enable the feature.

Actually, a cheap setup to achieve #1 by #4 is to have two FireWire
controllers in the PC and connect them.

https://bugs.launchpad.net/ubuntu/+source/kino/+bug/6290/comments/21
udev - userspace device management

For more information see the files in the docs/ directory.

Important Note:
Integrating udev in the system has complex dependencies and differs from
distro to distro. All major distros depend on udev these days and the system
may not work without a properly installed version. The upstream udev project
does not recommend replacing a distro's udev installation with the upstream
version.

Requirements:
  - Version 2.6.19 of the Linux kernel for reliable operation of this release
    of udev. The kernel may have a requirement on udev too, see
    Documentation/Changes in the kernel source tree for the actual dependency.

  - The kernel must have sysfs, unix domain sockets and networking enabled.
    (unix domain sockets (CONFIG_UNIX) as a loadable kernel module may work,
    but it does not make any sense - don't complain if anything goes wrong.)

  - The proc filesystem must be mounted on /proc/, the sysfs filesystem must
    be mounted at /sys/. No other locations are supported by udev.

Operation:
Udev creates and removes device nodes in /dev/, based on events the kernel
sends out on device discovery or removal.

  - Very early in the boot process, the /dev/ directory should get a 'tmpfs'
    filesystem mounted, which is populated from scratch by udev. Created nodes
    or changed permissions will not survive a reboot, which is intentional.

  - The content of the /lib/udev/devices/ directory, which contains the nodes,
    symlinks and directories that are always expected to be in /dev, should
    be copied over to the tmpfs mounted /dev, to provide the required nodes
    to initialize udev and continue booting.

  - The old hotplug helper /sbin/hotplug should be disabled on bootup, before
    actions like loading kernel modules are taken, which may cause a lot of
    events.

  - The udevd daemon must be started on bootup to receive netlink uevents
    from the kernel driver core.

  - All kernel events are matched against a set of specified rules in
    /lib/udev/rules.d/ which make it possible to hook into the event
    processing to load required kernel modules and set up devices. For all
    devices the kernel exports a major/minor number, udev will create a device
    node with the default kernel name, or the one specified by a matching
    udev rule.

Please direct any comment/question/concern to the linux-hotplug mailing list at:
  linux-hotplug@vger.kernel.org
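
The raw1394 note and the rule matching described under "Operation" meet at one question: which rules decide the permissions of the raw1394 node. The following is an added example, not code from udev or from this repository; it audits rule text for lines whose KERNEL match applies to raw1394 and flags any MODE that grants access to all local users. The sample rules, the function names and the "video" group are constructed for illustration.

```python
import fnmatch
import re

# One KEY<op>"value" token of a udev rule, e.g. KERNEL=="raw1394" or MODE="0660".
TOKEN = re.compile(r'([A-Z_]+(?:\{[^}]*\})?)\s*(==|!=|\+=|:=|=)\s*"([^"]*)"')

# Constructed sample rules for illustration (not from udev or any distribution).
SAMPLE_RULES = '''\
# firewire
KERNEL=="raw1394", GROUP="video"
KERNEL=="raw*", MODE="0666"
KERNEL=="dv1394*|raw1394", MODE="0660", GROUP="video"
SUBSYSTEM=="tty", KERNEL=="ttyS*", MODE="0666"
'''

def kernel_matches(pattern, name):
    """udev match values are shell globs; '|' separates alternatives."""
    return any(fnmatch.fnmatchcase(name, alt) for alt in pattern.split("|"))

def audit(rules_text, name="raw1394"):
    """List (line, mode, group, world_accessible) for rules whose KERNEL match hits name.

    Simplification: only KERNEL== is evaluated, so a rule narrowed by other
    match keys is still reported, and rules without a KERNEL== match are
    skipped. Backslash line continuations are not handled.
    """
    findings = []
    for lineno, line in enumerate(rules_text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        tokens = TOKEN.findall(line)
        patterns = [v for k, op, v in tokens if k == "KERNEL" and op == "=="]
        if not patterns or not all(kernel_matches(p, name) for p in patterns):
            continue
        assigned = {k: v for k, op, v in tokens if op in ("=", ":=")}
        mode, group = assigned.get("MODE"), assigned.get("GROUP")
        # Any read or write bit for "other" lets every local user open the node.
        world = mode is not None and bool(int(mode, 8) & 0o006)
        findings.append((lineno, mode, group, world))
    return findings

if __name__ == "__main__":
    for lineno, mode, group, world in audit(SAMPLE_RULES):
        flag = "WORLD-ACCESSIBLE" if world else "ok"
        print(f"line {lineno}: MODE={mode} GROUP={group} -> {flag}")
```

In the sample, the broad `raw*` glob on line 3 is the one that exposes raw1394 to every local user, even though the rule never names the device.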