Re: input/eventX permissions, force feedback

[Anssi Hannula]

Andrey Borzenkov wrote:
> Dmitry Torokhov wrote:
> 
> 
>>Hi Anssi,
>>
>>On 7/18/06, Anssi Hannula <anssi.hannula@xxxxxxxxx> wrote:
>>
>>>Currently most distributions have /dev/input/event* strictly as 0600
>>>root:root or 0640 root:root. The user logged in will not have rights to
>>>the device, unlike /dev/input/js*, as he could read all passwords from
>>>the keyboard device.
>>>
>>>This is a problem, because /dev/input/event* is used for force feedback
>>>and should therefore be user-accessible.
>>>
>>>I can think of the following solutions to this problem:
>>>
>>>1. Some creative udev rule to chmod /dev/input/event* less strictly when
>>>it has a /dev/input/js* and is thus a gaming device.
>>>
>>>2. Some creative udev rule to chmod /dev/input/event* more strictly when
>>>it is a keyboard.
>>>
>>>3. Have another force feedback interface also in /dev/input/js*.
>>>
>>
>>You can do it in udev looking either at MODALIAS or at EV and ABS
>>environment variables. I think it is pretty safe to say that a device
>>with EV_ABS, EV_FF, ABS_X and ABS_Y is a force-feedback joystick-type
>>device and not a keyboard.
>>
> 
> 
> You could also have udev create specific symlink for such devices,
> say /dev/input/ff* and make a rule for pam_console to change their
> permissions. That is finally what is done e.g. for CD-ROMs (cdrom ->
> hdc/sr0)

Yes, I proposed this kind of solution too in a later post :)

> 
> 
>>Another solution would be to relax permissions if user is also console
>>owner (home box installation).
>>
>>One thing is for sure - I do not like #3 at all ;)
>>
> 
> 


-- 
Anssi Hannula

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/