Date: Fri, 01 Jan 1999 17:17:35 -0800 From: David Greenman <dg@root.com> To: Joerg Wunsch <joerg_wunsch@uriah.heep.sax.de> Cc: freebsd-arch@FreeBSD.ORG Subject: Re: DEVFS, the time has come... Message-ID: <199901020117.RAA16295@implode.root.com> In-Reply-To: Your message of "Sat, 02 Jan 1999 01:04:59 %2B0100." <19990102010459.42125@uriah.heep.sax.de>
next in thread | previous in thread | raw e-mail | index | archive | help
>> OPINION: >> >> My personal preference is to take a non-persistent DEVFS. ...as it is mine as well. The main argument in favor of persistence is that operators may assume that doing a chmod/chown on files in /dev will be permanent. If this assumption is not correct, then it can lead to potential security holes that may go unnoticed to the inexperianced operator after the next reboot. The secondary argument is that non-persistence violates the Principle of Least Astonishment. Of course, this only applies to people who are new to FreeBSD, and I'd expect the more intelligent of the newbies to wonder how it works when they notice /dev show up in 'df' output. The first argument about security can be addressed by simply making all device nodes owned root/wheel, mode 0000 by default. This has the positive side-effect of not having to hard code policy in the driver sources. The secondary argument can be fixed with education and good documentation. Nonetheless, there are a fair number of people who feel religiously about this issue, so it will be a tough decision for some part of the usership to swallow, no matter what direction we go with devfs. -DG David Greenman Co-founder/Principal Architect, The FreeBSD Project To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199901020117.RAA16295>