Date: Wed, 28 Nov 2001 10:23:40 -0800 (PST)
From: Matthew Jacob <mjacob@feral.com>
To: Poul-Henning Kamp <phk@critter.freebsd.dk>
Cc: arch@FreeBSD.ORG
Subject: Re: Anybody working on devd?
Message-ID: <Pine.BSF.4.21.0111281021280.87220-100000@beppo>
In-Reply-To: <36655.1006969510@critter.freebsd.dk>

On Wed, 28 Nov 2001, Poul-Henning Kamp wrote:

> In message <Pine.BSF.4.21.0111280940210.28332-100000@beppo>, Matthew Jacob writes:
> >> Generally speaking, it seems desirable the devices would appear in /dev
> >> with conservative permissions, and then userland policy might adjust those
> >> permissions to be more liberal based on files in /etc, and so on.
> >
> >I think that if this is the case, there's no point in device drivers knowing
> >about permissions at all, and shouldn't be even *allowed* to set them.
>
> Well, true in the theoretical sense, but it makes a lot of sense
> for picobsd like systems that they do.
>
> As long as the default policy is (ie: becomes) configurable (see
> my other email), it is not harmful that the drivers gives a first
> stab at mode/owner/group.

There's a race between some joblow driver setting completely loose
permissions and devd setting the policy based ones. This is a security hole.

This is what I meant by "either you trust the driver or you don't". The
consensus here is that "we don't". Therefore, internally make_dev uses 0/0 600
as default- not settable by driver. The default policy for picobsd would be 666
I assume.

-matt
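
The window described in the message above, as an added example that is not part of the original e-mail or of FreeBSD's code: it samples the permissions other processes can see between node creation and the later policy step. Assumptions: a regular file in a temporary directory stands in for a /dev node, fchmod() stands in for devd applying policy, and the function names are hypothetical.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Mode bits visible on path right now, or -1 on error. */
static int visible_mode(const char *path)
{
    struct stat st;
    return stat(path, &st) == 0 ? (int)(st.st_mode & 0777) : -1;
}

/* Create the stand-in node with create_mode (driver choice or fixed default),
 * sample what any other process could see at that moment, then apply
 * policy_mode (the devd step). Returns the mode exposed in the window. */
static int mode_during_window(const char *path, mode_t create_mode, mode_t policy_mode)
{
    mode_t old = umask(0);              /* make create_mode exact */
    int fd = open(path, O_CREAT | O_EXCL | O_WRONLY, create_mode);
    umask(old);
    if (fd < 0) return -1;
    int seen = visible_mode(path);      /* window: policy not applied yet */
    int rc = fchmod(fd, policy_mode);   /* userland policy arrives here */
    close(fd);
    return rc == 0 ? seen : -1;
}

/* Run one scenario in a fresh private directory; returns the window mode. */
static int run_scenario(mode_t create_mode, mode_t policy_mode, int *final_mode)
{
    char dir[] = "/tmp/devd-race-XXXXXX", path[64];
    *final_mode = -1;
    if (mkdtemp(dir) == NULL) return -1;
    snprintf(path, sizeof path, "%s/node", dir);
    int seen = mode_during_window(path, create_mode, policy_mode);
    *final_mode = visible_mode(path);
    unlink(path);
    rmdir(dir);
    return seen;
}

int main(void)
{
    int fin;
    printf("loose create, policy 0600: window %o\n", (unsigned)run_scenario(0666, 0600, &fin));
    printf("0600 create, policy 0666: window %o\n", (unsigned)run_scenario(0600, 0666, &fin));
    return 0;
}
```

In the first scenario the node is world-accessible until policy runs; in the second the window only ever exposes 0600, so a late or missing policy step fails closed.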