Internet, Unix en security

Linux versus dmidecode

When Linux 2.4 included various hash and encryption algorithms in the kernel to make use of hardware acceleration, some people looked weird. When Linux 2.6 spent a lot of time in udev to implement this, there were also many negative noises, but now we have started to phase out HAL and replace it with DeviceKit. This will bring closer and better support for devices to add and remove and also pass this on to userland applications.

Linux developers are also making progress in other places, such as when reading out hardware. Where previously the application dmidecode was needed to read a BIOS properly, this can now be done directly via the sys file system. The command dmidecode must run with root privileges unfortunately or the binary must be setuid.

$ sudo dmidecode --type bios | grep Version
Version: F5

With the solution via the sys-file system, it can suddenly become any user. The user no longer needs access to the memory page where all information is stored and the kernel plays its role as abstraction layer as it should be.

$ cat /sys/devices/virtual/dmi/id/bios_version

With this, the time has come to actively clean up dmidecode from being used in Debian and other distributions.