Chagrin:
[quote author=Ran Talbott link=topic=101259.msg766557#msg766557 date=1334901188]
Chagrin:
How small does a device need to be before it's socially acceptable to log in with root?
If it supports multiple uids, most people should usually avoid being root.
It's not so much about security (unless it's a Windoze box): it's mainly about the fact that people make mistakes, and not being root frequently makes the difference between "an annoyance" and "a cluster(bleep)".
Not creating backups or failing to store your source code on an off-Pi repository is an entirely different problem than simply using root.
So let's look at how root differs from an unprivileged user. You can access all other users' files on the Pi, but to me that seems like a convenience. If multiple people are non-cooperatively using it and you're concerned about those security implications -- well that would be pretty weird on a $30 piece of hardware, but you've still got your backups. Like the article mentions, there's also the GPIO that a user cannot reach, but how is it any improvement to log in as an unprivileged user, su to root, adjust the permissions on the GPIO devices (which are apparently connected to some type of mission critical peripherals), then drop back to an unprivileged user? It's just a hassle and in the end you've reduced the GPIO security from root level anyway. Your device with a daemon-running-as-unprivileged-user is now no safer than it would be if the daemon was running as root.
Don't get me wrong, I'm not saying that you can't design your device for deployment with carefully restricted GPIO access or configure it to do things like store your collected data in a way that prevents its destruction from a non-root user, I'm simply saying that disallowing direct root login is a level of nannying that makes no sense for a device of this size.
[/quote]
I'm probably poking sticks into the bee hive, but I'll give it another shot.
The root account can mess with every single file in the file system. Every one.
If you want to give a user access to the GPIO device (or any other device), write a UDEV rule to put the device in a group that the user is also in. Then they can access them, no need to mess with root or change permissions etc. In fact, if you just want to open up the device to everyone then write a UDEV rule to do that instead.
I really don't understand why the size of the Linux system hardware changes how you would treat root access to the system. Don't get it. Can you explain why the size is a factor in the security of the Linux system?
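The udev approach from the reply above, as an added shell example that is not part of the thread: the rule hands the device node to a group, the user is added to that group once, and a check function confirms the node is group-accessible but closed to everyone else. Assumed names (not from the thread): group "gpio", rule file 99-gpio.rules, and the device node name "gpiomem"; substitute whatever node your kernel exposes.

```shell
#!/bin/sh
# Added example, not from the forum thread. Assumptions: group "gpio",
# rule file /etc/udev/rules.d/99-gpio.rules, device node "gpiomem".

GPIO_GROUP=gpio
RULE_FILE=/etc/udev/rules.d/99-gpio.rules

# Emit the udev rule: owner root, group $GPIO_GROUP, mode 0660
# (owner and group read/write, no access for "other").
gpio_udev_rule() {
    printf 'KERNEL=="gpiomem", GROUP="%s", MODE="0660"\n' "$GPIO_GROUP"
}

# One-time setup that needs root; afterwards the named user reaches the
# device through group membership and never has to become root for it.
install_gpio_rule() {
    user=$1
    getent group "$GPIO_GROUP" >/dev/null || groupadd --system "$GPIO_GROUP"
    gpio_udev_rule > "$RULE_FILE"
    usermod -aG "$GPIO_GROUP" "$user"
    udevadm control --reload-rules && udevadm trigger
}

# Check that a node is owned by the expected group, grants the group
# read/write, and grants "other" nothing. Returns 0 on success, 1 otherwise.
# Uses GNU stat: %G prints the group name, %A the symbolic mode
# (e.g. "crw-rw----" for a character device with mode 0660).
group_only_access() {
    node=$1
    group=$2
    owner_group=$(stat -c '%G' "$node" 2>/dev/null) || return 1
    [ "$owner_group" = "$group" ] || return 1
    perms=$(stat -c '%A' "$node")
    case $perms in
        ?rw?rw?---) return 0 ;;   # type, owner rw, group rw, other none
        *) return 1 ;;
    esac
}

# Usage (as root, once):  install_gpio_rule pi
# Then verify:            group_only_access /dev/gpiomem gpio && echo ok
```

The check is deliberately strict: a node that is world-writable (mode 0666) also fails it, since that is the "open it to everyone" case rather than the group-scoped one.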