[genivi-dlt] secure DLT daemon implementation

Anooj Gopi Anooj.Gopi at alpine.de
Thu Feb 15 10:22:14 EST 2018


Hello Christoph,

Could you also think of moving all of these fifo's (future the unix domain 
sockets) and control sockets to /run/. Keeping them /tmp/ is not very 
safe.
At the moment fifo's  (future the unix domain sockets) at /tmp/dltpipes/ 
is created by dlt lib, and any application can read data from any pipe. 
What permissions are you planning for those files?

Best Regards / Viele Grüße,
Anooj Gopi




From:
"Lipka, Christoph (ADITG/ESA)" <clipka at de.adit-jv.com>
To:
Oleksandr Popov2 <Oleksandr_Popov2 at epam.com>, Anooj Gopi 
<Anooj.Gopi at alpine.de>, 
Cc:
"genivi-diagnostic-log-and-trace at lists.genivi.org" 
<genivi-diagnostic-log-and-trace at lists.genivi.org>, 
genivi-diagnostic-log-and-trace 
<genivi-diagnostic-log-and-trace-bounces at lists.genivi.org>
Date:
15.02.2018 16:12
Subject:
AW: [genivi-dlt] secure DLT daemon implementation



Hi,

> Also could you tell me what's the purpose of the folder /tmp/dltpipes/ 
with
> named pipes?

The DLT User Library linked to an application will open a named pipe 
(/tmp/dltpipes/dlt<pid>) to receive messages from DLT daemon (e.g. log 
level updates or injection messages sent by DLT Viewer).

BTW: We will provide a patch soon that makes it possible to use UNIX 
socket connections between applications and dlt daemon instead of named 
fifos. 

> Do you have any recommendations regarding  unix socket 
/tmp/dlt-ctrl.sock

You could define a "dlt-control" group that is allowed to read/write on 
the dlt-ctrl socket. This socket is for example used by dlt-control or 
dlt-logstorage-ctrl socket to send commands to the dlt daemon.

Regards,
Christoph

> -----Ursprüngliche Nachricht-----
> Von: genivi-diagnostic-log-and-trace [
mailto:genivi-diagnostic-log-and-trace-
> bounces at lists.genivi.org] Im Auftrag von Oleksandr Popov2
> Gesendet: Donnerstag, 15. Februar 2018 16:02
> An: Anooj Gopi
> Cc: genivi-diagnostic-log-and-trace at lists.genivi.org; 
genivi-diagnostic-log-
> and-trace
> Betreff: Re: [genivi-dlt] secure DLT daemon implementation
> 
> Hello Anooj,
> 
> Thanks a lot for your reply.
> The mentioned fifo is the named pipe /tmp/dlt,  right?
> Do you have any recommendations regarding  unix socket 
/tmp/dlt-ctrl.sock
> that seems to be used by the DLT daemon to send control messages to the
> DLT lib client e.g. about allowed log level change?
> Also could you tell me what's the purpose of the folder /tmp/dltpipes/ 
with
> named pipes?
> 
> Thank you in advance.
> 
> 
> Best regards,
> Oleksandr Popov
> 
> 
> ________________________________
> From: Anooj Gopi <Anooj.Gopi at alpine.de>
> Sent: Thursday, February 15, 2018 3:51:14 PM
> To: Oleksandr Popov2
> Cc: genivi-diagnostic-log-and-trace at lists.genivi.org; 
genivi-diagnostic-log-
> and-trace
> Subject: Re: [genivi-dlt] secure DLT daemon implementation
> 
> Hi,
> 
> Well that is right. Security has to be considered.
> dlt daemon has to run with a special user. This user should be the only 
one
> with read permission from the fifo (IPC between dlt lib and daemon).
> 
> Best Regards / Viele Grüße,
> Anooj Gopi
> 
> 
> From:   Oleksandr Popov2 <Oleksandr_Popov2 at epam.com>
> To:     "genivi-diagnostic-log-and-trace at lists.genivi.org" 
<genivi-diagnostic-
> log-and-trace at lists.genivi.org>,
> Date:   14.02.2018 10:36
> Subject:        [genivi-dlt] secure DLT daemon implementation
> Sent by:        "genivi-diagnostic-log-and-trace" 
<genivi-diagnostic-log-and-
> trace-bounces at lists.genivi.org>
> 
> ________________________________
> 
> 
> 
> Hi all,
> 
> According to
> 
https://at.projects.genivi.org/wiki/display/PROJ/Diagnostic+Log+and+Trace,
> the DLT is developed with accordance to AUTOSAR standards and as a 
result,
> it doesn't care about any security.
> To use the DLT during production phase, it would be great to have 
security
> mechanisms implemented, e.g to prevent DLT library clients from
> affecting/sniffing other clients and the DLT daemon.
> Do you have any secure DLT implementation/features for using on non-
> AUTOSAR Linux systems?
> 
> Thank you in advance.
> 
> 
> Best regards,
> 
> Oleksandr Popov
> 
> _______________________________________________
> genivi-diagnostic-log-and-trace mailing list genivi-diagnostic-log-and-
> trace at lists.genivi.org
> 
https://lists.genivi.org/mailman/listinfo/genivi-diagnostic-log-and-trace
> 
> 
> Alpine Electronics R&D Europe GmbH, Vor dem Lauch 14, 70567 Stuttgart,
> Registergericht Stuttgart, HRB 25265
> Geschaeftsfuehrer: Toshinori Kobayashi, Koichi Endo Working office:
> Wilhelm-Wagenfeld-Str. 1-3, 80807 Muenchen
> 
> ATTENTION: This e-mail and any files transmitted with it may be 
privileged
> and/or confidential, and are intended solely for the use of the 
individual or
> entity to whom this e-mail is addressed. If you are not one of the named
> recipients or otherwise have reason to believe that you have received 
this e-
> mail in error, please notify the sender and delete this message 
immediately
> from your computer. We thank you for your cooperation.
> _______________________________________________
> genivi-diagnostic-log-and-trace mailing list genivi-diagnostic-log-and-
> trace at lists.genivi.org
> 
https://lists.genivi.org/mailman/listinfo/genivi-diagnostic-log-and-trace





Alpine Electronics R&D Europe GmbH, Vor dem Lauch 14, 70567 Stuttgart,
Registergericht Stuttgart, HRB 25265
Geschaeftsfuehrer: Toshinori Kobayashi, Koichi Endo 
Working office: Wilhelm-Wagenfeld-Str. 1-3, 80807 Muenchen

ATTENTION: This e-mail and any files transmitted with it may be privileged
and/or confidential, and are intended solely for the use of the individual
or entity to whom this  e-mail is addressed. If you are not one of the
named recipients or otherwise  have reason to believe that you have
received this e-mail in error, please notify  the sender and delete this
message immediately from your computer. We thank you for your cooperation.


More information about the genivi-diagnostic-log-and-trace mailing list