Having seen Samsung engineering practices at first hand this doesn't surprise me. I'd put money on this not being an issue on the Nexus 10, where the Google Android team would have been involved with the product.
According to http://forum.xda-developers.com/showthread.php?t=2050297 the N10 is an Exynos5 device and thus not compatible anyway. Not sure though if the Google team is reviewing the whole set of patches (and if such a patch would not slip through their hands).
this exploit is probably connected more to the company than the processor. If they can rubberstamp (or not even realize they're) shipping hacks like this they could be doing it again.
Holy crap, tried this on my S 3 too (custom rom Cyanogenmod derived MIUI) with the same result. I guess chmoding it to the proper permissions (0600) will cause all kinds of different issues, won't it?
I am replying to you assuming that you and your parent will be able to see this.
Just tested this. Details first - Custom ROM (based on ICS). Stock google camera app (based on ICS).
"chmod 0600 /dev/exynos-mem" works well. The file permissions then shows crw------- as expected. The camera app still works fine. I tried recording videos and capturing pictures and was successful (1080p & 8MPx settings). Looking at the file permission after launching the camera app still shows no change (i.e. if it was 0600, it remains 0600). However, when I reboot the phone, the file's permission returns to 666. I have done this entire process three times just to be sure, and the file's permissions always returns to the default values.
Might need to look into it further, but frankly I don't have the time nowadays.
Would require further investigation. However, running the camera app via a non-priviliged account and also removing access would have the effect of removing DMA to the camera, that is why I suggested the result might be a black or green screen. I suppose it's possible they have some other way of taking stills, but I can pretty much guarantee you aren't going to record 1080p without DMA.
The proper solution is to obviously limit the DMA to regions of memory only needed by the camera. From my albeit cursory glance of the issue, it seems like you can pretty much write to any region of memory.
I have to imagine an exploit of that gaping a security hole is not very far away given the huge install base of samsung exynos devices.
I stand corrected. I tried for a fourth time, and apparently, after chmodding you need to wait for a minute or two. After that if you open the camera app, there is a black screen, exactly as you described.
EDIT - I still don't understand. The camera seems to be completely controlled by black magic. I have not recorded, but opening/closing the camera, then changing the permissions seems to allow you to continue using the camera app even with (0600).
Probably because the camera service was still running and has already opened the file before you change the permissions. Changing permissions doesn't affect existing file descriptors.
You can probably change it in /uevent.boardname.d - substitute in the board that you see. If you see uevent.goldfish.d, you can ignore that one. (It's for the emulator.) Let me know if it works for you.
This file is located on the initrd on the boot image, however, so you have to pull the boot image, split it, extract the initrd, change the uevent file, repack it, and flash it.