A privilege escalation flaw in udev
Posted Apr 23, 2009 0:05 UTC (Thu) by jreiser
In reply to: A privilege escalation flaw in udev
Parent article: A privilege escalation flaw in udev
Can anyone think of a reason why mknod() allows *anyone* to create device
nodes outside /dev?
Before there was kernel-level virtualization (vmware, xen, kvm, ...) there were partial virtualization environments which needed devices. If you have a machine with trusted users only and/or global protection, then mknod() can be handy for experiments.
to post comments)