From owner-cvs-all  Sun Nov  5  9:57:26 2000
Delivered-To: cvs-all@freebsd.org
Received: from gatekeeper.tsc.tdk.com (gatekeeper.tsc.tdk.com [207.113.159.21])
	by hub.freebsd.org (Postfix) with ESMTP
	id 7C3E037B4C5; Sun,  5 Nov 2000 09:57:20 -0800 (PST)
Received: from imap.gv.tsc.tdk.com (imap.gv.tsc.tdk.com [192.168.241.198])
	by gatekeeper.tsc.tdk.com (8.8.8/8.8.8) with ESMTP id JAA26520;
	Sun, 5 Nov 2000 09:57:20 -0800 (PST)
	(envelope-from gdonl@tsc.tdk.com)
Received: from salsa.gv.tsc.tdk.com (salsa.gv.tsc.tdk.com [192.168.241.194])
	by imap.gv.tsc.tdk.com (8.9.3/8.9.3) with ESMTP id JAA69420;
	Sun, 5 Nov 2000 09:57:19 -0800 (PST)
	(envelope-from Don.Lewis@tsc.tdk.com)
Received: (from gdonl@localhost)
	by salsa.gv.tsc.tdk.com (8.8.5/8.8.5) id JAA21013;
	Sun, 5 Nov 2000 09:57:19 -0800 (PST)
From: Don Lewis <Don.Lewis@tsc.tdk.com>
Message-Id: <200011051757.JAA21013@salsa.gv.tsc.tdk.com>
Date: Sun, 5 Nov 2000 09:57:19 -0800
In-Reply-To: <Pine.NEB.3.96L.1001105124230.43654W-100000@fledge.watson.org>
References:  <Pine.NEB.3.96L.1001105124230.43654W-100000@fledge.watson.org>
X-Mailer: Mail User's Shell (7.2.6 beta(5) 10/07/98)
To: Robert Watson <rwatson@FreeBSD.org>,
	Don Lewis <Don.Lewis@tsc.tdk.com>
Subject: Re: cvs commit: src/etc MAKEDEV src/release Makefile
Cc: "Brian F. Feldman" <green@FreeBSD.org>,
	Don Lewis <truckman@FreeBSD.org>, cvs-committers@FreeBSD.org,
	cvs-all@FreeBSD.org
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Nov 5, 12:47pm, Robert Watson wrote:
} Subject: Re: cvs commit: src/etc MAKEDEV src/release Makefile
} 
} On Sun, 5 Nov 2000, Don Lewis wrote:
} 
} > On Nov 5, 11:34am, "Brian F. Feldman" wrote:
} > } Subject: Re: cvs commit: src/etc MAKEDEV src/release Makefile
} > } 
} > } Ack!  The idea of MAKEDEV having a restricted path is to prevent people from 
} > } repeatedly using stuff from /usr/bin etc. in MAKEDEV, which they love to do. 
} > } This change breaks that.  The right thing to do would be to either one of:
} > }   1) Change the default PATH in MAKEDEV to include the fixit floppy's paths.
} > }   2) Make the fixit floppy set MAKEDEVPATH=/sbin:/bin:/mnt2/stand.
} > 
} > Now you tell me ...
} 
} You have to be careful about including "mnt2" in any path: the /mnt*
} directories are used for a variety of purposes, and there are no
} guarantees about ownership.  Having MAKENOD add /mnt* to the path may
} introduce security problems if the media mounted is untrusted or has
} permissions allowing non-privileged users to make changes to its stand
} subtree.  I.e., this path assumes that only trusted FreeBSD install media
} is ever mounted on /mnt2, which is false.  As such I'd strongly object to
} adding mnt2 to the MAKEDEV path.

MAKEDEV already has a hook to change the PATH, $MAKEDEVPATH.  If this
variable is not set, then MAKEDEV just hardwired PATH to /sbin:/bin
(or it did until my previous change).  There was never any code in the
tree that set MAKEDEVPATH.  I'm preparing to commit a change to
sysinstall that will set MAKEDEVPATH to include the /mnt2 stuff
before it kicks off the fixit floppy.

With this fix, MAKEDEV won't normally have /mnt2 in it's path, it will
only be there when run from fixit.  In any case, putting /mnt2 at the
end of the path would be safe, because all the binaries that MAKEDEV
will run will be found in /sbin and /bin which come first, unless
someone has deleted them ...


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message