From owner-freebsd-current  Tue Nov 19 12:22:54 2002
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2705137B401
	for <current@FreeBSD.ORG>; Tue, 19 Nov 2002 12:22:53 -0800 (PST)
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 22AAD43EA3
	for <current@FreeBSD.ORG>; Tue, 19 Nov 2002 12:22:52 -0800 (PST)
	(envelope-from robert@fledge.watson.org)
Received: from fledge.watson.org (fledge.pr.watson.org [192.0.2.3])
	by fledge.watson.org (8.12.6/8.12.5) with SMTP id gAJKMUBF019519;
	Tue, 19 Nov 2002 15:22:30 -0500 (EST)
	(envelope-from robert@fledge.watson.org)
Date: Tue, 19 Nov 2002 15:22:30 -0500 (EST)
From: Robert Watson <rwatson@FreeBSD.ORG>
X-Sender: robert@fledge.watson.org
To: Poul-Henning Kamp <phk@critter.freebsd.dk>
Cc: Bruce Evans <bde@zeta.org.au>,
	Kris Kennaway <kris@obsecurity.org>, kip@eventdriven.org,
	current@FreeBSD.ORG
Subject: Re: Device permissions with DEVFS 
In-Reply-To: <25060.1037735737@critter.freebsd.dk>
Message-ID: <Pine.NEB.3.96L.1021119152129.98618C-100000@fledge.watson.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-current.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-current>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-current>
X-Loop: FreeBSD.ORG


On Tue, 19 Nov 2002, Poul-Henning Kamp wrote:

> In message <Pine.NEB.3.96L.1021119124035.60013B-100000@fledge.watson.org>, Robe
> rt Watson writes:
> 
> >> > No, the default permissions are specified in the driver source code
> >> > via make_dev().
> >> 
> >> The drivers only get the magic numbers for uids and gids from a central
> >> file.  This is bad enough.  I think all devices should have ownership
> >> root:wheel and mode 0600, but that would increase the problems with
> >> non-persistent attributes.  devfs(8) may be able to handle this now. 
> >
> >I have to say that the ownership issue has been a pet peeve of mine for
> >some time: I would really like the kernel to know about exactly two magic
> >id values: uid 0 (suser uid, default uid, default devfs owner), and gid 0
> >(default gid, default devfs owner).  Hard-coding of other non-0 values in
> >the kernel leads to many potential (and real) problems. 
> 
> I think we should stick to the current slightly "hackish" way, possibly
> with the modification that the security-officer gang gets to rule what
> exact m/o/g devices in the FreeBSD cvs tree should have. 

I'm not suggesting we change to this model at this point, or at any
particular point in the future, it's just a pet peeve that someday I'd
like to address :-).

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Network Associates Laboratories


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message