Needs some advises on driver security attributes
We are doing a driver and control panel for our device. In order to access the properties the control panel need to access our custom driver and standard HID. Currently, the HID data is retrieve by opening /dev/input/eventX but since the permission is 'crw-rw----', the application owner has to be root and permission set to '-rwx-r-sr-x'.
The alternative method we found is to add a UDEV script in order to set the permission on our own driver and /dev/input/eventX to 'crw-rw-rw-' and leave the application with normal permission.
We think that the 2nd method in where we set driver permission to READ-WRITE for all users seem safer on the user point of view. So, the application is restrict to normal access. However, we wonder if having read-write permission for everyone on drivers is a big concern?
Thank you in advance for your advise!
ps: sorry if this post should be in another section, I felt our question is more kernel related than user-space programming.