Date: Thu, 12 Feb 2004 11:35:41 +1100 (EST) From: Bruce Evans <bde@zeta.org.au> To: Andre Guibert de Bruet <andy@siliconlandmark.com> Cc: current@freebsd.org Subject: Re: make_dev(9) perms for SCSI & SCSI RAID drivers in CURRENT. Message-ID: <20040212113128.M83448@gamplex.bde.org> In-Reply-To: <20040210050623.U91658@alpha.siliconlandmark.com> References: <20040208022417.M91658@alpha.siliconlandmark.com> <20040208151037.J91658@alpha.siliconlandmark.com> <20040210050623.U91658@alpha.siliconlandmark.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 10 Feb 2004, Andre Guibert de Bruet wrote: > (Yes, I'm replying to myself... heh) > > On Sun, 8 Feb 2004, Andre Guibert de Bruet wrote: > > > On Mon, 9 Feb 2004, Bruce Evans wrote: > > > > > On Sun, 8 Feb 2004, Andre Guibert de Bruet wrote: > > > ... > > > > Here's a quick illustration of what I'm refering to: > > > > > > > > aac 0640 (octal notation in code) > > > > amr 0600 (implemented as S_IRUSR | S_IWUSR) > > > > asr 0640 (octal notation in code) > > > > ciss 0600 (implemented as S_IRUSR | S_IWUSR) > > > > ida 0600 (implemented as S_IRUSR | S_IWUSR) > > > > iir 0644 (implemented as S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH) > > > > ips 0600 (implemented as S_IRUSR | S_IWUSR) > > > > isp 0600 (octal notation in code) > > > > mly 0600 (implemented as S_IRUSR | S_IWUSR) > > > > > > Most of these actually create control devices, so mode 0600 is correct > > > and group operator is bogus, and mode 0640 is a potental security hole > > > especially with group operator. Group operator is almost always used > > > of course. The data devices are mostly created by the disk mini-layer > > > in RELENG_4 (except RELENG_4 doesn't really have devfs) and by GEOM in > > > -current. > > > > I adjusted and expanded the set of patches that I had to change > > permissions on the control devices so that they also set the GID to wheel. > > The assumption that I am making with these patches is that the drivers > > that are calling make_dev() are creating control devices, as they should > > be letting GEOM create their data devices. Feedback is welcome here as my > > GEOM-fu isn't all that hot... > > > > I have tried to maintain the style used in the drivers themselves and > > fixed the long line in the patch for isp_freebsd.c. > > I've gotten a number of interesting questions and so far no objections. Is > there any chance of getting the patches committed? I have no objections, but will leave it to others (preferably the driver maintainers) to commit the patches. Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040212113128.M83448>