Re: [chrony-dev] shm permissions

[Håkan Johansson <f96hajo@xxxxxxxxxxx>]

On Mon, 25 Jan 2010, Bill Unruh wrote:

> I am not sure that this is a good idea, since this would allow anyone to send
> rogue data to the shm driver. It would be better to leave it at 0600 for the
> chrony user ( or for root if you are using root), and let root change it if
> the sysadmin wants to allow anyone to write to the shm, or at most make it a
> configuration option.

It becomes a configuarion option in the sense that segments 0 and 1 use 
permissions 0600 and only segments 2 and 3 use 0666, so the level of 
trust can then be selected that way.

> It is not clear to me what the scenario is where someone
> other than root should be able to send data to this driver.

My scenario is that I am user on some systems where I will not get root 
permissions, so I cannot modify/restart/etc the ntpd/chronyd process, 
which I do not need.  But the sysadmins would entrust me to run e.g. gpsd 
to provide reference data.  This is useful for the further testing of gpsd 
I am doing, and the need to modify/restart gpsd doing that.

Cheers,
Håkan


> On Mon, 25 Jan 2010, Håkan Johansson wrote:
>
> > Hi,
> >
> > ntpd creates the shm refclock segments 2 and 3 with permissions 0666
> > (previously 0777), allowing also non-root users to provide synchronisation
> > data when these segments are set up.  The attached patch changes chrony to do
> > that to (currently 0700 for all segments).  It also changes the permissions
> > from 7 to 6, i.e. removing the useless execute-bits.
> >
> > Cheers,
> > Håkan
>
> --
> William G. Unruh   |  Canadian Institute for|     Tel: +1(604)822-3273
> Physics&Astronomy  |     Advanced Research  |     Fax: +1(604)822-5324
> UBC, Vancouver,BC  |   Program in Cosmology |     unruh@xxxxxxxxxxxxxx
> Canada V6T 1Z1     |      and Gravity       |  www.theory.physics.ubc.ca/