From owner-cvs-all Tue Dec 14 16:22:49 1999 Delivered-To: cvs-all@freebsd.org Received: from gndrsh.dnsmgr.net (GndRsh.dnsmgr.net [198.145.92.4]) by hub.freebsd.org (Postfix) with ESMTP id D59E7152DD; Tue, 14 Dec 1999 16:22:33 -0800 (PST) (envelope-from freebsd@gndrsh.dnsmgr.net) Received: (from freebsd@localhost) by gndrsh.dnsmgr.net (8.9.3/8.9.3) id QAA20295; Tue, 14 Dec 1999 16:21:46 -0800 (PST) (envelope-from freebsd) From: "Rodney W. Grimes" Message-Id: <199912150021.QAA20295@gndrsh.dnsmgr.net> Subject: Re: cvs commit: src/usr.sbin/chown Makefile In-Reply-To: <199912141848.KAA22993@apollo.backplane.com> from Matthew Dillon at "Dec 14, 1999 10:48:43 am" To: dillon@apollo.backplane.com (Matthew Dillon) Date: Tue, 14 Dec 1999 16:21:46 -0800 (PST) Cc: louie@TransSys.COM (Louis A. Mamakos), obrien@NUXI.com, cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL54 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk > : > :So, do we need to wait until the perfect solution until any progress > :can be made at all? The place that I suspect most folks trip across > :the chown problem is when making new device nodes for disk devices. > :You don't need awk for that particular problem, and given all the flux > :in the disk arena these days, it would be nice if unsuspecting users > :can unscrew themselves by making (e.g., ad0s1a) device nodes when they > :stumble across that change. > : > :louie > > I would solve this problem by adding options to 'mknod' to allow the > user & group to be specified, and leaving chown where it was before. That actually makes more since! It also narrows the race window between mknod and chown/chmod, which technically could be a security issue. Haven't seen any exploits written that sit and spin waiting for a new open device node, but that doesn't mean one couldn't be written :-) mknod should be run with a umask of 777, then the chown call, then the chmod call, or atleast thats how it seems to be safest. This does go against my grain of though that unix commands should do one thing and one thing only, but but I could arguee with myself that creating a device node includes doing so with correct owner ship and permissions, just as install does when installing a file. -- Rod Grimes - KD7CAX @ CN85sl - (RWG25) rgrimes@gndrsh.dnsmgr.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message