udev: input device permissions
Bug #6913 reported by
Debian Bug Importer
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
udev (Debian) |
Fix Released
|
Unknown
|
|||
udev (Ubuntu) |
Invalid
|
Medium
|
Unassigned |
Bug Description
Automatically imported from Debian bug report #257165 http://
Related branches
Changed in udev: | |
status: | Unknown → Fix Released |
To post a comment you must log in.
severity 257165 grave
thanks
On Thu, Jul 01, 2004 at 10:28:04AM -0700, Itay Ben-Yaacov wrote:
> Package: udev
> Version: 0.026-1
> Severity: normal
> Tags: security
>
>
> Permissions of /dev/input/* should be 600 or 640, but certainly not
> 644! Anybody logged on could read my password directly from the event#
> device associated with the keyboard.
Eek! This is severe.
--
- mdz