Bug 103601
Summary: | reading computer serial number as non-root user not possible | ||
---|---|---|---|
Product: | File System | Reporter: | René Genz (liebundartig) |
Component: | SysFS | Assignee: | Greg Kroah-Hartman (greg) |
Status: | NEW --- | ||
Severity: | normal | CC: | christian.rohmann, sergey, szg00000 |
Priority: | P1 | ||
Hardware: | All | ||
OS: | Linux | ||
Kernel Version: | 4.1.4-200 | Subsystem: | |
Regression: | No | Bisected commit-id: |
Description
René Genz
2015-08-27 19:16:54 UTC
On Thu, Aug 27, 2015 at 07:16:54PM +0000, bugzilla-daemon@bugzilla.kernel.org wrote: > https://bugzilla.kernel.org/show_bug.cgi?id=103601 > > Bug ID: 103601 > Summary: reading computer serial number as non-root user not > possible This is as-designed, glad to see it works properly :) I would like to understand the reasoning for the design, making the serial number not accessible for regular users. The document I found could not answer this: https://www.kernel.org/pub/linux/kernel/people/mochel/doc/papers/ols-2005/mochel.pdf Can you give me a pointer, please? Comparing to other operating systems: to retrieve the serial number you can execute as regular user in terminal: - in Windows 'wmic bios get serialnumber' - in Mac OS X 'system_profiler |grep "r (system)"' (faster: About This Mac -- Overview -- Serial Number) On Wed, Sep 09, 2015 at 06:10:19AM +0000, bugzilla-daemon@bugzilla.kernel.org wrote: > I would like to understand the reasoning for the design, making the serial > number not accessible for regular users. As I was not the original author of the sysfs you are curious about, I have no idea. Or even if I was, I have no idea either, it was done a long time ago. > The document I found could not answer this: > > https://www.kernel.org/pub/linux/kernel/people/mochel/doc/papers/ols-2005/mochel.pdf That paper isn't going to detail the file permissions of each sysfs file, no paper will. > Can you give me a pointer, please? > > Comparing to other operating systems: > to retrieve the serial number you can execute as regular user in terminal: > - in Windows 'wmic bios get serialnumber' > - in Mac OS X 'system_profiler |grep "r (system)"' (faster: About This Mac -- > Overview -- Serial Number) Linux is a multi-user operating system, permissions are different for system-level things like this. Is this causing some sort of problem for users? It is something between problem and inconvenience. My use case is (on the sending and the receiving side): user generated requests for help which contain basic information about hardware (manufacturer, model, and system serial number) Since the original reasoning seems to be lost in the course of time, we have to rely on current knowledge. Is there a risk making the files - that contain the system serial number - world readable? Hello Greg, This issue is still actual. It's a problem for any system that collecting server inventory information (this is a typical function for many monitoring systems). I'm using zabbix, zabbix-agent runs under normal (non-root) user so it cannot collect server serial number so it is no possible to get server inventory without root privileges. I can not see any reason to limit non-root user from reading serial number of a server. |