[genivi-dlt] secure DLT daemon implementation

Anooj Gopi Anooj.Gopi at alpine.de
Thu Feb 15 10:48:47 EST 2018


Hi,

I think no, I am referring anything project specific here.

IMO we should keep the files in /run/ which is a standard path of systemd. 
For eg dlt daemon service creating the directory /run/dlt/ with the proper 
permissions (eg. RuntimeDirectoryMode=0711 in service file). Keep our 
files under this directory so that no one else could mess up with our 
files.

Changing the default paths in dlt.conf can be changed to /run/ instead of 
tmp. I don't see any risk. Do you?

Best Regards / Viele Grüße,
Anooj Gopi




From: "Lipka, Christoph (ADITG/ESA)" <clipka at de.adit-jv.com>
To: Anooj Gopi <Anooj.Gopi at alpine.de>
Cc: "genivi-diagnostic-log-and-trace at lists.genivi.org" <genivi-diagnostic-log-and-trace at lists.genivi.org>, genivi-diagnostic-log-and-trace <genivi-diagnostic-log-and-trace-bounces at lists.genivi.org>, Oleksandr Popov2 <Oleksandr_Popov2 at epam.com>
Date: 15.02.2018 16:35
Subject: AW: AW: [genivi-dlt] secure DLT daemon implementation



Hi,
 
The location will be configurable with CMake, we have it internally 
already in the code. I hope to get the relevant PR out soon.
What permissions would you propose? This is somehow specific to your 
setup, isn't it?
 
Regards,
Christoph
 
From: Anooj Gopi [mailto:Anooj.Gopi at alpine.de]
Sent: Thursday, 15 February 2018 16:23
To: Lipka, Christoph (ADITG/ESA)
Cc: genivi-diagnostic-log-and-trace at lists.genivi.org; genivi-diagnostic-log-and-trace; Oleksandr Popov2
Subject: Re: AW: [genivi-dlt] secure DLT daemon implementation
 
Hello Christoph, 

Could you also think of moving all of these fifo's (future the unix domain 
sockets) and control sockets to /run/. Keeping them /tmp/ is not very 
safe. 
At the moment fifo's  (future the unix domain sockets) at /tmp/dltpipes/ 
is created by dlt lib, and any application can read data from any pipe. 
What permissions are you planning for those files? 

Best Regards / Viele Grüße,
Anooj Gopi



From: "Lipka, Christoph (ADITG/ESA)" <clipka at de.adit-jv.com>
To: Oleksandr Popov2 <Oleksandr_Popov2 at epam.com>, Anooj Gopi <Anooj.Gopi at alpine.de>
Cc: "genivi-diagnostic-log-and-trace at lists.genivi.org" <genivi-diagnostic-log-and-trace at lists.genivi.org>, genivi-diagnostic-log-and-trace <genivi-diagnostic-log-and-trace-bounces at lists.genivi.org>
Date: 15.02.2018 16:12
Subject: AW: [genivi-dlt] secure DLT daemon implementation
 




Hi,

> Also could you tell me what's the purpose of the folder /tmp/dltpipes/ with
> named pipes?

The DLT User Library linked to an application will open a named pipe 
(/tmp/dltpipes/dlt<pid>) to receive messages from DLT daemon (e.g. log 
level updates or injection messages sent by DLT Viewer).

BTW: We will provide a patch soon that makes it possible to use UNIX 
socket connections between applications and dlt daemon instead of named 
fifos. 

> Do you have any recommendations regarding unix socket /tmp/dlt-ctrl.sock

You could define a "dlt-control" group that is allowed to read/write on 
the dlt-ctrl socket. This socket is for example used by dlt-control or 
dlt-logstorage-ctrl socket to send commands to the dlt daemon.

Regards,
Christoph

> -----Original Message-----
> From: genivi-diagnostic-log-and-trace [mailto:genivi-diagnostic-log-and-trace-bounces at lists.genivi.org] On Behalf Of Oleksandr Popov2
> Sent: Thursday, 15 February 2018 16:02
> To: Anooj Gopi
> Cc: genivi-diagnostic-log-and-trace at lists.genivi.org; genivi-diagnostic-log-and-trace
> Subject: Re: [genivi-dlt] secure DLT daemon implementation
> 
> Hello Anooj,
> 
> Thanks a lot for your reply.
> The mentioned fifo is the named pipe /tmp/dlt, right?
> Do you have any recommendations regarding unix socket /tmp/dlt-ctrl.sock
> that seems to be used by the DLT daemon to send control messages to the
> DLT lib client e.g. about allowed log level change?
> Also could you tell me what's the purpose of the folder /tmp/dltpipes/ with
> named pipes?
> 
> Thank you in advance.
> 
> 
> Best regards,
> Oleksandr Popov
> 
> 
> ________________________________
> From: Anooj Gopi <Anooj.Gopi at alpine.de>
> Sent: Thursday, February 15, 2018 3:51:14 PM
> To: Oleksandr Popov2
> Cc: genivi-diagnostic-log-and-trace at lists.genivi.org; genivi-diagnostic-log-and-trace
> Subject: Re: [genivi-dlt] secure DLT daemon implementation
> 
> Hi,
> 
> Well that is right. Security has to be considered.
> dlt daemon has to run with a special user. This user should be the only one
> with read permission from the fifo (IPC between dlt lib and daemon).
> 
> Best Regards / Viele Grüße,
> Anooj Gopi
> 
> 
> From: Oleksandr Popov2 <Oleksandr_Popov2 at epam.com>
> To: "genivi-diagnostic-log-and-trace at lists.genivi.org" <genivi-diagnostic-log-and-trace at lists.genivi.org>,
> Date: 14.02.2018 10:36
> Subject: [genivi-dlt] secure DLT daemon implementation
> Sent by: "genivi-diagnostic-log-and-trace" <genivi-diagnostic-log-and-trace-bounces at lists.genivi.org>
> 
> ________________________________
> 
> 
> 
> Hi all,
> 
> According to
> https://at.projects.genivi.org/wiki/display/PROJ/Diagnostic+Log+and+Trace,
> the DLT is developed with accordance to AUTOSAR standards and as a result,
> it doesn't care about any security.
> To use the DLT during production phase, it would be great to have security
> mechanisms implemented, e.g. to prevent DLT library clients from
> affecting/sniffing other clients and the DLT daemon.
> Do you have any secure DLT implementation/features for using on
> non-AUTOSAR Linux systems?
> 
> Thank you in advance.
> 
> 
> Best regards,
> 
> Oleksandr Popov
> 
> _______________________________________________
> genivi-diagnostic-log-and-trace mailing list
> genivi-diagnostic-log-and-trace at lists.genivi.org
> https://lists.genivi.org/mailman/listinfo/genivi-diagnostic-log-and-trace
> 
> 
> Alpine Electronics R&D Europe GmbH, Vor dem Lauch 14, 70567 Stuttgart,
> Register court: Stuttgart, HRB 25265
> Managing Directors: Toshinori Kobayashi, Koichi Endo
> Working office: Wilhelm-Wagenfeld-Str. 1-3, 80807 Muenchen
>
> ATTENTION: This e-mail and any files transmitted with it may be privileged
> and/or confidential, and are intended solely for the use of the individual or
> entity to whom this e-mail is addressed. If you are not one of the named
> recipients or otherwise have reason to believe that you have received this
> e-mail in error, please notify the sender and delete this message immediately
> from your computer. We thank you for your cooperation.
> _______________________________________________
> genivi-diagnostic-log-and-trace mailing list
> genivi-diagnostic-log-and-trace at lists.genivi.org
> https://lists.genivi.org/mailman/listinfo/genivi-diagnostic-log-and-trace
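
The permission scheme discussed in this thread (a runtime directory such as /run/dlt/ with mode 0711, and FIFOs or sockets that other users cannot read or write) can be checked on a target with a small audit routine. This is an added example, not code from the DLT project or from the thread's authors; the function names, flag values and the scratch path under /tmp are assumptions made for the illustration.

```c
#define _DEFAULT_SOURCE 1
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
enum { A_OK = 0, A_MISSING = 1, A_WRONG_TYPE = 2,
       A_DIR_WRITABLE = 4, A_DIR_LISTABLE = 8, A_ENDPOINT_OPEN = 16 };

/* Runtime dir: real directory (a symlink is rejected), owner-only write/list. */
int audit_dir(const char *path)
{
    struct stat st;
    int r = A_OK;
    if (lstat(path, &st) != 0) return A_MISSING;
    if (!S_ISDIR(st.st_mode)) return A_WRONG_TYPE;
    if (st.st_mode & (S_IWGRP | S_IWOTH)) r |= A_DIR_WRITABLE;
    if (st.st_mode & S_IROTH) r |= A_DIR_LISTABLE;
    return r;
}

/* IPC endpoint: a FIFO or UNIX socket with no read/write bit for "other". */
int audit_endpoint(const char *path)
{
    struct stat st;
    if (lstat(path, &st) != 0) return A_MISSING;
    if (!S_ISFIFO(st.st_mode) && !S_ISSOCK(st.st_mode)) return A_WRONG_TYPE;
    return (st.st_mode & (S_IROTH | S_IWOTH)) ? A_ENDPOINT_OPEN : A_OK;
}

/* Constructed sample: scratch dir plus one FIFO, audited and then removed. */
int audit_sample(mode_t dir_mode, mode_t fifo_mode)
{
    char dir[] = "/tmp/dlt-audit-XXXXXX", fifo[64];
    int r;
    if (!mkdtemp(dir)) return A_MISSING;
    snprintf(fifo, sizeof fifo, "%s/dlt1234", dir);
    if (mkfifo(fifo, 0600) != 0) { rmdir(dir); return A_MISSING; }
    chmod(fifo, fifo_mode);  /* explicit chmod: mkfifo's mode is cut by umask */
    chmod(dir, dir_mode);
    r = audit_dir(dir) | audit_endpoint(fifo);
    unlink(fifo); rmdir(dir);
    return r;
}

int main(void)
{
    printf("%d %d\n", audit_sample(0711, 0620), audit_sample(01777, 0666));
    return 0;
}
```

On a target, audit_dir() and audit_endpoint() would be pointed at the configured paths instead of the scratch sample; a nonzero result names which of the conditions raised in the thread is not met.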


