l4-hurd

Re: Questions


From: Marcus Brinkmann
Subject: Re: Questions
Date: Sun, 31 Oct 2004 17:37:28 +0100
User-agent: Wanderlust/2.10.1 (Watching The Wheels) SEMI/1.14.6 (Maruoka) FLIM/1.14.6 (Marutamachi) APEL/10.6 Emacs/21.3 (i386-pc-linux-gnu) MULE/5.0 (SAKAKI)

At Sun, 31 Oct 2004 01:55:04 +0100,
Sam Mason <address@hidden> wrote:
> That's what I was expecting the answer from Marcus to be.  The only
> real driver would be for the USB interface chipset, it would export an
> API that could be used by something like "libusb".  This would allow
> the user's programs to talk to the devices actually connected to the
> USB bus.

As you correctly point out, there are permission issues.  We do not
have anything fancy or special for device drivers that diverts from
Unix.  All devices can only be accessed by root directly, and that's
it.

The Hurdish answer is to have a management server that runs as root
which sorts out the permission issues.  So how does a user get the
driver loaded he or she is interested in?

There are two possibilities, and I don't know which is better (or even
if both are feasible), as I don't know much about how USB drivers
work.

The manager can load requested drivers from a trusted driver database,
which can only be updated or extended with privileges.  Or, the
manager can load user-provided drivers.

The latter can only work if it is possible to run a USB driver from
an untrusted and unknown code base securely without harming anything
else in the system.  I have my doubts about that.  But if that is
possible, then it's an option.  We can't do any magic.  We can only
make things accessible directly to the user which don't cause any
security hazard.  Everything else must be owned and managed by root,
according to protocols which don't cause a security issue.

Thanks,
Marcus




