From owner-freebsd-current  Tue Nov 19 14:43: 6 2002
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id D563737B401; Tue, 19 Nov 2002 14:43:04 -0800 (PST)
Received: from gull.mail.pas.earthlink.net (gull.mail.pas.earthlink.net [207.217.120.84])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 73A1B43E75; Tue, 19 Nov 2002 14:43:04 -0800 (PST)
	(envelope-from tlambert2@mindspring.com)
Received: from pool0351.cvx21-bradley.dialup.earthlink.net ([209.179.193.96] helo=mindspring.com)
	by gull.mail.pas.earthlink.net with esmtp (Exim 3.33 #1)
	id 18EH51-0005Fe-00; Tue, 19 Nov 2002 14:42:51 -0800
Message-ID: <3DDABE1D.D1DAA276@mindspring.com>
Date: Tue, 19 Nov 2002 14:41:33 -0800
From: Terry Lambert <tlambert2@mindspring.com>
X-Mailer: Mozilla 4.79 [en] (Win98; U)
X-Accept-Language: en
MIME-Version: 1.0
To: Poul-Henning Kamp <phk@critter.freebsd.dk>
Cc: Robert Watson <rwatson@FreeBSD.ORG>,
	Bruce Evans <bde@zeta.org.au>, Kris Kennaway <kris@obsecurity.org>,
	kip@eventdriven.org, current@FreeBSD.ORG
Subject: Re: Device permissions with DEVFS
References: <25060.1037735737@critter.freebsd.dk>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-current.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-current>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-current>
X-Loop: FreeBSD.ORG

Poul-Henning Kamp wrote:
> >I have to say that the ownership issue has been a pet peeve of mine for
> >some time: I would really like the kernel to know about exactly two magic
> >id values: uid 0 (suser uid, default uid, default devfs owner), and gid 0
> >(default gid, default devfs owner).  Hard-coding of other non-0 values in
> >the kernel leads to many potential (and real) problems.
> 
> While you are right in principle, I think we should not overengineer
> here.
> 
> People who are likely to give operator a different gid are also
> very likely to compile their own kernels (which I admit does not
> solve the 3rd party KLD issue but...)
> 
> Devfs(8) provides a mechanism for setting the m/o/g and a few other
> attributes, and it would in theory be possible to let all devices
> come up 0/0/0 and have /etc/rc set the policy from /etc/rc.

One fix for this would be to have a UID/GID list that's used to
derive both the default uid/gid values in devices, and the contents
of the default passwd file, so that they matched.

It seems to me that this issue is merely one of getting the UNIX
auth database and the default device attributes to agree, right?

-- Terry

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message