From owner-freebsd-hackers  Sun Dec 31 02:20:19 1995
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id CAA18717
          for hackers-outgoing; Sun, 31 Dec 1995 02:20:19 -0800 (PST)
Received: from rf900.physics.usyd.edu.au (rf900.physics.usyd.edu.au [129.78.129.109])
          by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id CAA18667
          for <freebsd-hackers@freebsd.org>; Sun, 31 Dec 1995 02:20:08 -0800 (PST)
Received: (from dawes@localhost) by rf900.physics.usyd.edu.au (8.6.11/8.6.9) id VAA17378; Sun, 31 Dec 1995 21:19:51 +1100
From: David Dawes <dawes@rf900.physics.usyd.edu.au>
Message-Id: <199512311019.VAA17378@rf900.physics.usyd.edu.au>
Subject: Re: /dev/io
To: joerg_wunsch@uriah.heep.sax.de
Date: Sun, 31 Dec 1995 21:19:51 +1100 (EST)
Cc: freebsd-hackers@freebsd.org
In-Reply-To: <199512310841.JAA16189@uriah.heep.sax.de> from "J Wunsch" at Dec 31, 95 09:41:41 am
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Sender: owner-hackers@freebsd.org
Precedence: bulk

>Security considerations:
>
>Our KDENABIO is restricted to a process with effective UID 0.  Our
>/dev/io is a security hole in that it allows group kmem processes to
>access the registers (and i haven't seen any reason why this might be
>necessary or useful).
>
>I think SysV allows any process to get access to IO registers via the
>IO perm bitmap. :-(

I don't think that's true.  I'm fairly sure that only euid 0 processes
can do a KDENABIO on SYSV.

David