From owner-freebsd-hackers Wed Oct 22 13:29:41 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id NAA24852 for hackers-outgoing; Wed, 22 Oct 1997 13:29:41 -0700 (PDT) (envelope-from owner-freebsd-hackers) Received: from lestat.nas.nasa.gov (lestat.nas.nasa.gov [129.99.50.29]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id NAA24845 for ; Wed, 22 Oct 1997 13:29:39 -0700 (PDT) (envelope-from thorpej@lestat.nas.nasa.gov) Received: from localhost (localhost [127.0.0.1]) by lestat.nas.nasa.gov (8.8.6/8.6.12) with SMTP id NAA20863; Wed, 22 Oct 1997 13:30:30 -0700 (PDT) Message-Id: <199710222030.NAA20863@lestat.nas.nasa.gov> X-Authentication-Warning: lestat.nas.nasa.gov: localhost [127.0.0.1] didn't use HELO protocol To: dk+@ua.net Cc: freebsd-hackers@freebsd.org Subject: Re: Possible SERIOUS bug in open()? Reply-To: Jason Thorpe From: Jason Thorpe Date: Wed, 22 Oct 1997 13:30:28 -0700 Sender: owner-freebsd-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Wed, 22 Oct 1997 13:05:02 -0700 (PDT) Dmitry Kohmanyuk wrote: > > How would opening for !read !write be useful? What else could you possibly > > want to do? (Yes, this is a trick question :-) > > just for ioctl()s? Ah, that's the trick part of the question :-) For ioctls that change the state of the device, you absolutely want to have it open for writing. This is sort of obvious. For ioctls that don't change the state of the device, you absolutely want to have it open for reading. I.e. if you have a device that can expose sensitive information by ioctl, and you set the mode to 600, you won't want random people opening it via the neat little open hole and performing that read-only ioctl. Jason R. Thorpe thorpej@nas.nasa.gov NASA Ames Research Center Home: +1 408 866 1912 NAS: M/S 258-6 Work: +1 415 604 0935 Moffett Field, CA 94035 Pager: +1 415 428 6939