I’ve never tried this, but maybeudev rules can be added to change the permissions from 0300 (read is bit 1, write is the 2 bit, sum is 0x3) to 0311. This isn’t hot plug, so I don’t know if this is even a valid method, but it probably will work. Consider that all of /sys files are not real files, they exist only in RAM and are really drivers pretending they are files as a method to talk to user space. Otherwise you probably need to run the application as root.
Anyone here ever updated /sys file permissions in another way?
I suspect it’s not that important to us. I’ll talk to the rest of the team and see if they agree we can drop it as a feature.
If not, I guess we’ll need to create a service that can run between our main app and sysfs.
I get the impression from the Internet, that these changes are being made because any information can be used by bad actors to gain an insight into what the system is doing. Fair enough! :-)
That’s mostly correct, but I’ll add that because the files are a driver, and not actual files, that the code within the driver has to be set up to use different permissions. Was your driver coded and set up with original permissions for a reason? Maybe changes will work, but maybe there are unexpected code consequences. Those files are logic and you’re calling a program, not writing or reading a file.