On Monday, August 27, 2012 04:11:11 PM Henry Cejtin wrote: > I'm completely confused about access to /dev/kvm. In particular, it > looks like it is too open to access, but in a way that I don't > understand. > > On my machine, /dev/kvm is owned by root.root and mode 660. Here is the > output of ls: > > % ls -l /dev/kvm > crw-rw----+ 1 root root 10, 232 Aug 24 15:03 /dev/kvm > > Despite that, when a process is uid 1000 and group id 1000, and not in > any other groups, I can open /dev/kvm. > > ... > > Please note, I don't understand how this could really be. I think the '+' indicates ACLs are in use; 'getfacl /dev/kvm' might be illuminating. It might be something udev does, or something your desktop software does when you log in. -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
