Date: Wed, 12 Jul 2006 15:47:41 +0300 From: "Alexandros Kosiaris" <akosiaris@gmail.com> To: freebsd-stable@freebsd.org, freebsd-current@freebsd.org Subject: Securelevels and /dev/io documentation inconsistency Message-ID: <cee728a70607120547q51b3e45flfe22716fd28b8c83@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hello,
I believe i have stumbled upon a documentation inconsistency
concerning securelevels and usage of /dev/io
>From init(8) manpage
1 Secure mode - the system immutable and system append-only flags may
not be turned off; disks for mounted file systems, /dev/mem,
/dev/kmem and /dev/io (if your platform has it) may not be opened
for writing; kernel modules (see kld(4)) may not be loaded or
unloaded.
Note the "may not be opened for writing". It is correct for /dev/mem
and /dev/kmem but incorrect for /dev/io as the following experiment
shows:
3:40pm ~ # sysctl kern.securelevel
kern.securelevel: 1
root@mybox
3:40pm ~ # head /dev/io
head: /dev/io: Operation not permitted
root@mybox
3:40pm ~ #
Now the source code in /usr/src/sys/i386/i386/io.c just checks if
securelevel is greater that 0 when opening the device and return
accordingly.
However from io(4)
Note that even read-only access will grant the full I/O privileges.
Which means that changing the code to check if the device is opened
O_RDONLY and then allowing access would be a mistake cancelling the
idea of blocking access to the device through usage of the
securelevel.
I am correct about the above ?
Does the documentation need a correction in that place?
Thanks,
alex
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?cee728a70607120547q51b3e45flfe22716fd28b8c83>