Date: Sun, 14 Apr 2002 21:33:24 +0100 From: Scott Mitchell <scott.mitchell@mail.com> To: dillama <dillama1@excite.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: What does nodev actually do? Message-ID: <20020414213324.E18618@fishballoon.dyndns.org> In-Reply-To: <20020414173915.D95B8B6BB@xmxpita.excite.com>; from dillama1@excite.com on Sun, Apr 14, 2002 at 01:39:15PM -0400 References: <20020414173915.D95B8B6BB@xmxpita.excite.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Apr 14, 2002 at 01:39:15PM -0400, dillama wrote: > > Can anyone explain what the "nodev" option in mounting a drive does? How > does it make things more secure (according to the handbook)? It tells the system to ignore any files on the mounted drive that claim to be 'device nodes' -- the special files (typically found in /dev) that give access to the physical hardware on your machine. Specifying 'nodev' prevents someone from mounting a filesystem containing a world-writable disk device node, then using that to write random data all over your disks, for example. I'm not sure if that would work even without 'nodev' though; anyone know if I could just construct a UFS floppy containing device nodes, mount it as myself, then us it for evil? Or would I have to mount it as root? Probably no harm in using 'nodev' on any filesystem apart from your root partition (you need those devices in /dev :-), unless there's a specific reason to be using devices on some other filesystem. Scott -- =========================================================================== Scott Mitchell | PGP Key ID | "Eagles may soar, but weasels Cambridge, England | 0x54B171B9 | don't get sucked into jet engines" scott.mitchell@mail.com | 0xAA775B8B | -- Anon To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020414213324.E18618>