From owner-freebsd-stable@FreeBSD.ORG  Mon Oct 13 21:34:43 2008
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D848C10656A0;
	Mon, 13 Oct 2008 21:34:43 +0000 (UTC)
	(envelope-from edwin@mavetju.org)
Received: from k7.mavetju.org (ppp121-44-62-136.lns10.syd7.internode.on.net
	[121.44.62.136])
	by mx1.freebsd.org (Postfix) with ESMTP id 8B01D8FC18;
	Mon, 13 Oct 2008 21:34:43 +0000 (UTC)
	(envelope-from edwin@mavetju.org)
Received: by k7.mavetju.org (Postfix, from userid 1001)
	id 8A7A445039; Tue, 14 Oct 2008 08:34:00 +1100 (EST)
Date: Tue, 14 Oct 2008 08:34:00 +1100
From: Edwin Groothuis <edwin@mavetju.org>
To: "Carlos A. M. dos Santos" <unixmania@gmail.com>
Message-ID: <20081013213400.GB71471@mavetju.org>
References: <20080910203445.GA8561@mr-happy.com>
	<e71790db0809101854k1b9d75dck2efb3fee8ee67826@mail.gmail.com>
	<e71790db0810122216n54593f5dn577b148496e1e2ee@mail.gmail.com>
	<20081013052353.GA10013@icarus.home.lan>
	<20081013210520.GA71471@mavetju.org>
	<e71790db0810131423u5c19bcadi5dd8f6b6fcff2597@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <e71790db0810131423u5c19bcadi5dd8f6b6fcff2597@mail.gmail.com>
User-Agent: Mutt/1.4.2.3i
Cc: Jeremy Chadwick <koitsu@freebsd.org>, freebsd-stable@freebsd.org,
	Jeff Blank <jb000002@mr-happy.com>
Subject: Re: can't see non-root writes to /dev/console
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Oct 2008 21:34:43 -0000

On Mon, Oct 13, 2008 at 06:23:01PM -0300, Carlos A. M. dos Santos wrote:
> The OpenBSD folks solved the permission issue along time ago(*) by
> means of a privilege separation feature. Take a look at
> 
>      http://www.openbsd.org/cgi-bin/cvsweb/xenocara/app/xconsole/
> 
> I will see if is possible to update the xconsole port in order to do
> the same. Is there any standard privilege separation framework on
> FreeBSD?

I haven't heard of it, but is it a framework on OpenBSD or is it
an approach?

Edwin

-- 
Edwin Groothuis		Website: http://www.mavetju.org/
edwin@mavetju.org	Weblog:  http://www.mavetju.org/weblog/