From owner-freebsd-commit  Sat Oct 14 00:52:14 1995
Return-Path: owner-commit
Received: (from root@localhost)
          by freefall.freebsd.org (8.6.12/8.6.6) id AAA28518
          for freebsd-commit-outgoing; Sat, 14 Oct 1995 00:52:14 -0700
Received: (from root@localhost)
          by freefall.freebsd.org (8.6.12/8.6.6) id AAA28505
          for cvs-all-outgoing; Sat, 14 Oct 1995 00:51:58 -0700
Received: (from root@localhost)
          by freefall.freebsd.org (8.6.12/8.6.6) id AAA28495
          for cvs-sys-outgoing; Sat, 14 Oct 1995 00:51:56 -0700
Received: from godzilla.zeta.org.au (godzilla.zeta.org.au [203.2.228.19])
          by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id AAA28487
          ; Sat, 14 Oct 1995 00:51:44 -0700
Received: (from bde@localhost) by godzilla.zeta.org.au (8.6.9/8.6.9) id RAA05831; Sat, 14 Oct 1995 17:47:41 +1000
Date: Sat, 14 Oct 1995 17:47:41 +1000
From: Bruce Evans <bde@zeta.org.au>
Message-Id: <199510140747.RAA05831@godzilla.zeta.org.au>
To: CVS-commiters@freefall.freebsd.org, bde@freefall.freebsd.org,
        cvs-sys@freefall.freebsd.org
Subject: Re: cvs commit: src/sys/i386/isa syscons.c
Sender: owner-commit@FreeBSD.org
Precedence: bulk

>  Modified:    sys/i386/isa  syscons.c
>  Log:
>  Don't allow i/o operations for non-root users.

This change should probably be in 2.1, but I'm not sure if it breaks
anything.  pcvt has restricted i// privilege to root for a long time.

i/o privilege should never have been granted in devices other than
/dev/io.  /dev/io has its own permissions which can be used to grant
i/o privilege to a more selective group than root || { anyone that
can talk to a ttyv }.

i/o privilege should not be granted if kern.securelevel >= 1.

Bruce