From owner-freebsd-hackers Mon Jan 19 14:38:23 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA28660 for hackers-outgoing; Mon, 19 Jan 1998 14:38:23 -0800 (PST) (envelope-from owner-freebsd-hackers@FreeBSD.ORG) Received: from ns1.yes.no (ns1.yes.no [195.119.24.10]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA28606; Mon, 19 Jan 1998 14:37:45 -0800 (PST) (envelope-from eivind@bitbox.follo.net) Received: from bitbox.follo.net (bitbox.follo.net [194.198.43.36]) by ns1.yes.no (8.8.7/8.8.7) with ESMTP id WAA19874; Mon, 19 Jan 1998 22:37:02 GMT Received: (from eivind@localhost) by bitbox.follo.net (8.8.6/8.8.6) id XAA01617; Mon, 19 Jan 1998 23:36:56 +0100 (MET) To: Paul Traina Cc: Bruce Evans , bde@FreeBSD.ORG, dg@FreeBSD.ORG, hackers@FreeBSD.ORG Subject: Re: isdisk() kludge in kernel References: <199801182142.NAA08748@red.juniper.net> From: Eivind Eklund Date: 19 Jan 1998 23:36:56 +0100 In-Reply-To: <199801182142.NAA08748@red.juniper.net> Message-ID: <86u3b05bw7.fsf@bitbox.follo.net> Lines: 21 X-Mailer: Gnus v5.4.52/XEmacs 20.2 Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk * Paul Traina | > >I'd like to propose changing spec_open to simply NEVER allowing the open of | > >a block device, or character device, if a character device has a block | > >device associated with it and eliminate isdisk() in kern_conf entirely. | > | > This would break at least backups to SCSI tape devices, since st has both | > block and character devices, but tapes aren't disks. Perhaps the broken | > version is correct - isdisk() really means isasecurityholeifmountable(). | | Aha, you're correct, ok, bad idea. Couldn't this be solved the opposite way? Default to denying open of character devices with associated block devices, and a flag to indicate that this device is OK to open in secure mode? Generally, default to denying is the only thing that is likely to create a secure system. Eivind.