DirectFB icon indicating copy to clipboard operation
DirectFB copied to clipboard

Published 20 hours ago verified publisher icon deniskropp

DirectFB doesn't always need access to /dev/tty0

Open Mqrius opened this issue 7 years ago • 2 comments

The information for DirectFB states that the user will always need access to /dev/tty0

Using the single application core you always need access to /dev/tty0, /dev/fb0 and the mouse device (/dev/psaux, /dev/mouse).
You can either run all DirectFB applications as root or allow users to access these devices.

Now I'll readily admit that I don't have a complete understanding of what's going on, but this confuses me. By my understanding, /dev/tty0 is much broader in scope than /dev/tty, as the former refers to "whatever tty is currently on display" while the latter means "the tty that launched the program". For those reasons /dev/tty is has permissions 666 by default.

But if I want to have access to the current terminal, then I should only need access to /dev/tty, I thought. So to try, I recompiled DirectFB, replacing all references to /dev/tty0 with /dev/tty, and ran links2 -g in a virtual terminal

This worked fine. I did have to add myself to the video group for access to /dev/fb0, and to the input group for access to /dev/input for touchpad/mouse control.

As mentioned before, I don't have a full understanding. A blanket replacement of /dev/tty0 with /dev/tty probably broke a whole bunch of other capabilities of DirectFB, perhaps? But it seems to me like there are use cases where only access to /dev/tty is required. It would be nice to limit DirectFB's reach, and only require /dev/tty0 in cases where it can't be avoided.

Thoughts?

Some debugging output:

14:08 ~:\ls -ld /dev/input
drwxr-xr-x 4 root root 400 jul 23 13:59 /dev/input
14:09 ~:\ls -l /dev/tty0
crw-rw---- 1 root tty 4, 0 jul 23 13:59 /dev/tty0
14:09 ~:\ls -l /dev/tty
crw-rw-rw- 1 root tty 5, 0 jul 23 14:00 /dev/tty
14:09 ~:\ls -l /dev/fb0
crw-rw---- 1 root video 29, 0 jul 23 13:59 /dev/fb0
14:09 ~:\ls -ld /dev/input
drwxr-xr-x 4 root root 400 jul 23 13:59 /dev/input
14:09 ~:groups
marius adm cdrom sudo dip video plugdev lpadmin sambashare input

Mqrius avatar Jul 23 '17 13:07 Mqrius

I'd like to show my support for this one. I really don't like having to open the permissions up on tty0 for security reasons.

pleappleappleap avatar Jun 26 '22 01:06 pleappleappleap

Thank you for trying /dev/tty which hopefully is enough for the future. Please commit, push and I'll pull that one into main :)

Denis

deniskropp avatar Jun 26 '22 03:06 deniskropp