On 2014-08-11 20:56 +0200, Michael Biebl wrote:
> tags 757830 + unreproducible moreinfo
> thanks
>
> Am 11.08.2014 19:09, schrieb Klaus Ethgen:
>> Package: udev
>> Version: 208-7
>> Severity: critical
>>
>> The newest version of udev generates /dev/stdout as plain file instead
>> as symlink to /proc/self/fd/1 with every boot. (stderr and stdin are
>> created correctly.)
>>
>> This is a security leak for some stuff and a problem for many tools
>> especially security ones that explicitly handle stdout for some reasons.
>>
>> The content in that file directly after boot (you can find below)
>> pointed out that it happens especially for udev itself.
>>
>> This bug affects the whole system.
>>
>
> This bug is not reproducible here. Neither under systemd nor sysvinit.
It only happens under sysvinit without using an initramfs. I suspect
the make_static_nodes() function is responsible for that, since it runs
before udevd is started and so most device files, including /dev/stdout,
do not exist yet.
> Please check if this isn't a local modification on your part (e.g. in
> the sysv init script).
> Do you have devtmpfs support enabled in your self-built kernel? Can you
> test with a Debian kernel.
My self-built kernels have CONFIG_DEVTMPFS_MOUNT=y. Checking with
Debian kernels is not possible, since they won't boot without an
initramfs.
Cheers,
Sven
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
