From owner-freebsd-hackers Tue Sep 21 7: 8:57 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from jumping-spider.aracnet.com (jumping-spider.aracnet.com [205.159.88.14]) by hub.freebsd.org (Postfix) with ESMTP id E46E114FFC for ; Tue, 21 Sep 1999 07:08:47 -0700 (PDT) (envelope-from beattie@aracnet.com) Received: from shell2.aracnet.com (IDENT:1728@shell2.aracnet.com [216.99.193.20]) by jumping-spider.aracnet.com (8.9.3/8.9.3) with ESMTP id HAA20131; Tue, 21 Sep 1999 07:08:47 -0700 Received: from localhost by shell2.aracnet.com (8.8.7) id HAA26073; Tue, 21 Sep 1999 07:08:48 -0700 X-Authentication-Warning: shell2.aracnet.com: beattie owned process doing -bs Date: Tue, 21 Sep 1999 07:08:48 -0700 (PDT) From: Brian Beattie To: John-Mark Gurney Cc: Julian Elischer , "Matthew N. Dodd" , Chuck Robey , Wayne Cuddy , FreeBSD Hackers List Subject: Re: what is devfs? In-Reply-To: <19990921000009.54622@hydrogen.fircrest.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, 21 Sep 1999, John-Mark Gurney wrote: > Julian Elischer scribbled this message on Sep 20: > > > POLA! if we have persisten permissions and ownership, and we allow > > > renaming, then renaming should also be persistant... after the mount > > > again, da0c either no longer exists, or is no longer ttyd1... which > > > neither is an acceptable solution... > > > > I think at this stage you've gone overboard.. > > > > part of the definition of devfs is that a device shows up on mount > > with it's canonical name.. On each new mount every time, even if you've > > mounted it in 10 different places. > > I didn't flat out state it, but I think persistant should NOT be done > via an underlying node, but via a daemon... and then this would be a > moot point as you'd just configure the daemon to do what you need to > do, or run an /etc/rc.devfs script which sets the permission properly.. > I distrust the complexity of daemons in this case, for something as important as device permissions. > that is all I'm looking for... anything else is stupid or complex... > Stupid, is that a technical term? > hell, a daemon could be something as simple as a script that constantly > sees if a device has root:wheel 0600 permissions, and set them correctly > if they don't... > Security controlled by a script, Yikes! > persitance is stupid UNLESS it is complete persitance... and you've said Why? Is this a technical judgment, or personal prejudice? > that complete persitance is to complex, so lets go w/ no persitance, and > default secure premissions... > Because initial security (boot time) is important, and complex solutions are prone to holes. Another daemon, is yet one more process, sucking up resources, prone to attack. If I can hack your devfsd, I can give myself permissions to do anything to your system. Brian Beattie | The only problem with beattie@aracnet.com | winning the rat race ... www.aracnet.com/~beattie | in the end you're still a rat To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message