Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

udev rule assigns insecure file permissions #32

Open
afaerber opened this issue Oct 2, 2024 · 1 comment
Open

udev rule assigns insecure file permissions #32

afaerber opened this issue Oct 2, 2024 · 1 comment
Assignees
@warthog9
Labels
bug Something isn't working

Comments

@afaerber
Copy link

afaerber commented Oct 2, 2024

udev-50-tenstorrent.rules (referenced by dkms-post-install) assigns MODE="0666" to the device file.

This is considered insecure, as it gives not just human users but any system services/daemons (including web servers) write access to the hardware.

Better would be to assign MODE="0660" and optionally a suitable group. The users who should have access can then get that group assigned individually.

It's trivial to not install this rule in distro packages, but it would probably be good to fix this for dkms users, too.
@milank94 milank94 added the bug Something isn't working label Oct 16, 2024
@smehtaTT
Copy link

Nice to have - moving to P2 for now, will bump up to P1 if critical.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@warthog9 warthog9

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@afaerber @warthog9 @milank94 @smehtaTT