From owner-freebsd-arch  Fri Jan  1 17:34:09 1999
Return-Path: <owner-freebsd-arch@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id RAA20286
          for freebsd-arch-outgoing; Fri, 1 Jan 1999 17:34:09 -0800 (PST)
          (envelope-from owner-freebsd-arch@FreeBSD.ORG)
Received: from ns1.yes.no (ns1.yes.no [195.204.136.10])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA20281
          for <freebsd-arch@freebsd.org>; Fri, 1 Jan 1999 17:34:07 -0800 (PST)
          (envelope-from eivind@bitbox.follo.net)
Received: from bitbox.follo.net (bitbox.follo.net [195.204.143.218])
	by ns1.yes.no (8.9.1a/8.9.1) with ESMTP id CAA02825
	for <freebsd-arch@freebsd.org>; Sat, 2 Jan 1999 02:33:43 +0100 (CET)
Received: (from eivind@localhost)
	by bitbox.follo.net (8.8.8/8.8.6) id CAA89775
	for freebsd-arch@freebsd.org; Sat, 2 Jan 1999 02:33:43 +0100 (MET)
Received: from implode.root.com (root.com [208.221.12.98])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA18805
          for <freebsd-arch@FreeBSD.ORG>; Fri, 1 Jan 1999 17:18:21 -0800 (PST)
          (envelope-from root@implode.root.com)
Received: from implode.root.com (localhost [127.0.0.1])
	by implode.root.com (8.8.8/8.8.5) with ESMTP id RAA16295;
	Fri, 1 Jan 1999 17:17:35 -0800 (PST)
Message-Id: <199901020117.RAA16295@implode.root.com>
To: Joerg Wunsch <joerg_wunsch@uriah.heep.sax.de>
cc: freebsd-arch@FreeBSD.ORG
Subject: Re: DEVFS, the time has come... 
In-reply-to: Your message of "Sat, 02 Jan 1999 01:04:59 +0100."
             <19990102010459.42125@uriah.heep.sax.de> 
From: David Greenman <dg@root.com>
Reply-To: dg@root.com
Date: Fri, 01 Jan 1999 17:17:35 -0800
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

>> OPINION:
>> 
>> My personal preference is to take a non-persistent DEVFS.

   ...as it is mine as well. The main argument in favor of persistence is
that operators may assume that doing a chmod/chown on files in /dev will be
permanent. If this assumption is not correct, then it can lead to potential
security holes that may go unnoticed to the inexperianced operator after the
next reboot. The secondary argument is that non-persistence violates the
Principle of Least Astonishment. Of course, this only applies to people who
are new to FreeBSD, and I'd expect the more intelligent of the newbies to
wonder how it works when they notice /dev show up in 'df' output.
   The first argument about security can be addressed by simply making all
device nodes owned root/wheel, mode 0000 by default. This has the positive
side-effect of not having to hard code policy in the driver sources.
   The secondary argument can be fixed with education and good documentation.
   Nonetheless, there are a fair number of people who feel religiously about
this issue, so it will be a tough decision for some part of the usership
to swallow, no matter what direction we go with devfs.

-DG

David Greenman
Co-founder/Principal Architect, The FreeBSD Project

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message