User avatar
jojopi
Posts: 3041
Joined: Tue Oct 11, 2011 8:38 pm

Re: GPIO Security

Sun Sep 20, 2015 2:45 pm

plugwash wrote:My worry is there were people here advocating non-root access to /dev/gpiomem as a default. If people want to set that on their own systems after doing a risk assement and checking what is in the group then that is fine but it should not be the default.
It should be the default; not in the kernel but in the Foundation's future images. The Foundation's images already have a default user with full sudo access, so there can only be an improvement when GPIO are accessed without escalating to superuser. Additional users will only be in the group if the sysadmin intends that.

The kernel, of course, should default to protecting the device. The few people who install Raspbian themselves can make their own decisions.

User avatar
DougieLawson
Posts: 33388
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website

Re: GPIO Security

Sun Sep 20, 2015 5:40 pm

plugwash wrote:
joan wrote: As it is with /dev/mem.
Sure

My worry is there were people here advocating non-root access to /dev/gpiomem as a default. If people want to set that on their own systems after doing a risk assement and checking what is in the group then that is fine but it should not be the default.
So you're saying that non-root access to /dev/gpiomem is less secure than having every novice user run every program with sudo because they don't understand what sudo does for them.

That doesn't make any sense.
Microprocessor, Raspberry Pi & Arduino Hacker
Mainframe database troubleshooter
MQTT Evangelist
Twitter: @DougieLawson

2012-18: 1B*5, 2B*2, B+, A+, Z, ZW, 3Bs*3, 3B+

Any DMs sent on Twitter will be answered next month.

ShiftPlusOne
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 5182
Joined: Fri Jul 29, 2011 5:36 pm
Location: The unfashionable end of the western spiral arm of the Galaxy

Re: GPIO Security

Sun Sep 20, 2015 10:29 pm

From my limited experience, even the peripherals which you can drive by DMA require you to set up the DMA channels accordingly. So it actually closes the DMA access issue rather than creates.

In any case, this is moot when we're talking about a system with password-less sudo.

jscax
Posts: 8
Joined: Thu Oct 05, 2017 9:19 am

Re: GPIO Security

Mon Nov 27, 2017 5:36 pm

is there a way to "create" /dev/gpiomem given I only have /dev/mem ?

thank you

Return to “Interfacing (DSI, CSI, I2C, etc.)”

Who is online

Users browsing this forum: No registered users and 20 guests