From: Andre Przywara Date: Thu, 23 Apr 2009 22:29:53 +0000 (+0200) Subject: rules: create /dev/cpu//cpuid world readable X-Git-Tag: 174~1072 X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=57ec3a57f1caa0e325e5ac8a7f54761148b36b1b;p=systemd rules: create /dev/cpu//cpuid world readable I don't see any security implications, to be actually useful, /dev/cpu//cpuid should be world readable. The cpuid instruction can be called from userspace anyway, so there is nothing to hide. The device does not support any write operation, so 0444 should suffice. Signed-off-by: Andre Przywara --- diff --git a/rules/rules.d/50-udev-default.rules b/rules/rules.d/50-udev-default.rules index abc5113c..6bf45cce 100644 --- a/rules/rules.d/50-udev-default.rules +++ b/rules/rules.d/50-udev-default.rules @@ -94,7 +94,7 @@ SUBSYSTEM=="aoe", KERNEL=="err", MODE="0440" KERNEL=="tun", NAME="net/%k", MODE="0666" # CPU -KERNEL=="cpu[0-9]*", NAME="cpu/%n/cpuid" +KERNEL=="cpu[0-9]*", NAME="cpu/%n/cpuid", MODE="0444" KERNEL=="msr[0-9]*", NAME="cpu/%n/msr" KERNEL=="microcode", NAME="cpu/microcode", MODE="0600"