Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 29 Aug 2005 16:20:39 +0200
From:      Pawel Jakub Dawidek <pjd@FreeBSD.org>
To:        "Christian S.J. Peron" <csjp@FreeBSD.org>
Cc:        cvs-src@FreeBSD.org, src-committers@FreeBSD.org, Dario Freni <saturnero@freesbie.org>, cvs-all@FreeBSD.org
Subject:   Re: cvs commit: src/sys/dev/md md.c
Message-ID:  <20050829142039.GA63415@garage.freebsd.pl>
In-Reply-To: <200508170124.j7H1Ou1j047750@repoman.freebsd.org>
References:  <200508170124.j7H1Ou1j047750@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 

--oyUTqETQ0mS9luUI
Content-Type: text/plain; charset=iso-8859-2
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Aug 17, 2005 at 01:24:55AM +0000, Christian S.J. Peron wrote:
+> csjp        2005-08-17 01:24:55 UTC
+>=20
+>   FreeBSD src repository
+>=20
+>   Modified files:
+>     sys/dev/md           md.c=20
+>   Log:
+>   Ensure that file flags such as schg, sappnd (and others) are honored
+>   by md(4). Before this change, it was possible to by-pass these flags
+>   by creating memory disks which used a file as a backing store and
+>   writing to the device.
+>  =20
+>   This was discussed by the security team, and although this is problema=
tic,
+>   it was decided that it was not critical as we never guarantee that roo=
t will
+>   be restricted.
+>  =20
+>   This change implements the following behavior changes:
+>  =20
[...]
+>   -Do not gracefully downgrade access modes without telling the user. In=
stead
+>    make the user specify their intentions for the device (assuming the f=
ile is
+>    read only). This seems like the more correct way to handle things.

I don't think so. It already broke some environments (see current@).
I think downgrading to read-only when file system is mounted read-only
should stay.

--=20
Pawel Jakub Dawidek                       http://www.wheel.pl
pjd@FreeBSD.org                           http://www.FreeBSD.org
FreeBSD committer                         Am I Evil? Yes, I Am!

--oyUTqETQ0mS9luUI
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (FreeBSD)

iD8DBQFDExm3ForvXbEpPzQRAjzKAKDsIDkJ8TFxYhZaQv8UNBsv5tr1hQCg9B7x
H938JOOhYtIJ38rcB9gZ/Cg=
=BxIC
-----END PGP SIGNATURE-----

--oyUTqETQ0mS9luUI--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050829142039.GA63415>