[paranoia] No generic SCSI device found

Douglas Gilbert dgilbert at interlog.com
Sun Feb 4 19:48:00 PST 2001



Bill Davidsen wrote:
> 
> On Sun, 4 Feb 2001, Jonathan Irwin wrote:
> 
> > On Sat, 3 Feb 2001, Bernie Boudet wrote:
> >
> > > > If you run cdparanoia as a user, make sure the user belongs to the cdrom
> > > > group and give rw permissions on /dev/sg0.
> > >
> > > Yes this is the problem.  I set group permissions on /dev/sg0 to rw and
> > > it works now - Thanks.
> >
> > While this will work, it is quite dangerous if the sg driver can see any
> > disks:  access to /dev/sg* for users will allow them to read / write /
> > format any SCSI device attached to the bus (although obviously if they
> > only have permissions on /dev/sg0 they can only do nasty things to the first
> > device).  I usually make the cdparanoia binary (and cdrecord, etc.) setuid
> > to root instead, and only allow root to open /dev/sg*, that reduces the
> > risk.  I suppose it is OK to leave things as they are for a single user
> > IDE-only system though.
> 
> But it isn't an IDE system, he only did it on one sg device, and it is in
> a group just for that reason. Running anything as root allows someone to
> take over that process and own the system, and is the most dangerous thing
> you can do to open holes in your security.

Since lk 2.2.6 applications have been able to
open sg devices read-only and execute the
SG_GET_SCSI_ID ioctl. This is typically done in
a scan phase to find out how they map to the
SCSI (pseudo) devices present in the system.
The scan should be flexible enough to step over
sg devices that it has no permissions for and
those devices that may have an O_EXCL lock on them.
[Hence the open should be read-only and non-blocking.]

Only sg devices that map to cdroms are of interest
to cdparanoia, which needs read-write permissions to
access it via sg.

Unfortunately scsi device names have the ability to 
"jump around" a bit on Linux systems. For example, a 
cdrom which is /dev/sg2 now may become /dev/sg1 after 
a 2nd SCSI disk in the system is removed. Such behaviour
can both cause access problems for applications and
create security issues (e.g. low level access to a
sensitive disk).

If this is a concern, devfs in lk 2.4 might be considered.
The "primary" scsi device nodes look like this:
$ cd /dev/scsi/host3/bus0/target4/lun0/
$ ls -l *
brw-------    1 dougg    disk      11,   0 Dec 31  1969 cd
crw-rw-rw-    1 root     root      21,   2 Dec 31  1969 generic

From this we know that on scsi host number 3, bus 0,
target 4, lun 0 there is a cdrom. Permissions can
then be set on these primary device nodes.
The /dev/sr0 and /dev/sg2 names are still there if the
default configuration of the devfs daemon (devfsd) is
used. However they are symbolic links to the "primary" 
device nodes. Something like cdparanoia can do a
different type of device scan now, based on a directory
scan below /dev/scsi (or perhaps /dev/ide).

Doug Gilbert
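
An added example, not part of the message above and not cdparanoia's own code: the scan phase the message describes, opening each sg node read-only and non-blocking, stepping over nodes that are unreadable or held with O_EXCL, and using SG_GET_SCSI_ID to keep only CD-ROM devices, so a renumbered disk is never selected for read-write access. The result names, the 16-node cap and the SCSI_TYPE_CDROM constant are assumptions of this example.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/ioctl.h>
#include <unistd.h>
#include <scsi/sg.h>            /* struct sg_scsi_id, SG_GET_SCSI_ID */

#define SCSI_TYPE_CDROM 0x05    /* SCSI peripheral device type for CD-ROM */

enum probe { PROBE_CDROM, PROBE_OTHER, PROBE_NO_PERM, PROBE_BUSY,
             PROBE_ABSENT, PROBE_NOT_SG };

/* Map an open() errno to the reason a node is stepped over. */
enum probe classify_open_errno(int err)
{
    switch (err) {
    case EACCES: case EPERM: return PROBE_NO_PERM;  /* no permission on node */
    case EBUSY:              return PROBE_BUSY;     /* another opener holds O_EXCL */
    default:                 return PROBE_ABSENT;   /* ENOENT, ENXIO, ENODEV, ... */
    }
}

/* Probe one node read-only and non-blocking; write access is never requested. */
enum probe sg_probe(const char *path, struct sg_scsi_id *id)
{
    int fd = open(path, O_RDONLY | O_NONBLOCK);
    if (fd < 0)
        return classify_open_errno(errno);
    int rc = ioctl(fd, SG_GET_SCSI_ID, id);
    close(fd);
    if (rc < 0)
        return PROBE_NOT_SG;                        /* not an sg node (e.g. ENOTTY) */
    return id->scsi_type == SCSI_TYPE_CDROM ? PROBE_CDROM : PROBE_OTHER;
}

int main(void)
{
    char path[32];
    struct sg_scsi_id id;
    for (int i = 0; i < 16; i++) {                  /* 16 is an arbitrary cap */
        snprintf(path, sizeof path, "/dev/sg%d", i);
        if (sg_probe(path, &id) == PROBE_CDROM)
            printf("%s: cdrom at host%d/bus%d/target%d/lun%d\n", path,
                   id.host_no, id.channel, id.scsi_id, id.lun);
    }
    return 0;
}
```

Only a node reported as PROBE_CDROM would then be reopened read-write; disks and other device types are left untouched even if the sg numbering has shifted.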
