From owner-freebsd-geom@FreeBSD.ORG Wed Oct 13 19:35:08 2010 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3E88F106566C; Wed, 13 Oct 2010 19:35:08 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from mail.zoral.com.ua (mx0.zoral.com.ua [91.193.166.200]) by mx1.freebsd.org (Postfix) with ESMTP id A6F2D8FC12; Wed, 13 Oct 2010 19:35:07 +0000 (UTC) Received: from deviant.kiev.zoral.com.ua (root@deviant.kiev.zoral.com.ua [10.1.1.148]) by mail.zoral.com.ua (8.14.2/8.14.2) with ESMTP id o9DJZ3PQ095157 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 13 Oct 2010 22:35:03 +0300 (EEST) (envelope-from kostikbel@gmail.com) Received: from deviant.kiev.zoral.com.ua (kostik@localhost [127.0.0.1]) by deviant.kiev.zoral.com.ua (8.14.4/8.14.4) with ESMTP id o9DJZ3il085882; Wed, 13 Oct 2010 22:35:03 +0300 (EEST) (envelope-from kostikbel@gmail.com) Received: (from kostik@localhost) by deviant.kiev.zoral.com.ua (8.14.4/8.14.4/Submit) id o9DJZ3I3085881; Wed, 13 Oct 2010 22:35:03 +0300 (EEST) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: deviant.kiev.zoral.com.ua: kostik set sender to kostikbel@gmail.com using -f Date: Wed, 13 Oct 2010 22:35:03 +0300 From: Kostik Belousov To: Jaakko Heinonen Message-ID: <20101013193503.GF2392@deviant.kiev.zoral.com.ua> References: <20101007180657.GA1383@a91-153-123-205.elisa-laajakaista.fi> <20101013085025.GB54686@jh> <20101013143332.GC2392@deviant.kiev.zoral.com.ua> <20101013184817.GB1988@a91-153-123-205.elisa-laajakaista.fi> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="1LpQWWJpWf1Eem63" Content-Disposition: inline In-Reply-To: <20101013184817.GB1988@a91-153-123-205.elisa-laajakaista.fi> User-Agent: Mutt/1.4.2.3i X-Virus-Scanned: clamav-milter 0.95.2 at skuns.kiev.zoral.com.ua X-Virus-Status: Clean X-Spam-Status: No, score=-3.4 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00, DNS_FROM_OPENWHOIS autolearn=no version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on skuns.kiev.zoral.com.ua Cc: freebsd-geom@freebsd.org Subject: Re: HEADS UP: device name checking on device registration X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Oct 2010 19:35:08 -0000 --1LpQWWJpWf1Eem63 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Oct 13, 2010 at 09:48:17PM +0300, Jaakko Heinonen wrote: > On 2010-10-13, Kostik Belousov wrote: > > You might consider creating some well-controlled name instead of failed > > one, and printing a diagnostic describing what happen. >=20 > Couldn't this cause a security problem or POLA violation with devfs > rules? Name based rules may be used to hide devices or change device > permissions. Fair enough. You can add a flag that allows make_dev() to do name change. This way, the rules can be applied still, before doing name change. Specific error code might be returned to inform the caller about the issue. Probably, that would require keeping the original name around, so the change may be too radical for little gain. --1LpQWWJpWf1Eem63 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (FreeBSD) iEYEARECAAYFAky2CecACgkQC3+MBN1Mb4ge8wCeIQwqgym3qwVhTqeDNBlxIK1f EUIAoImPOASWXVDMGinl9KmE0jNY1Rrh =equd -----END PGP SIGNATURE----- --1LpQWWJpWf1Eem63--