Date: Thu, 23 Oct 1997 15:06:23 -0700 (PDT)
From: "Jamil J. Weatherbee" <jamil@trojanhorse.ml.org>
To: Terry Lambert <tlambert@primenet.com>
Cc: thorpej@nas.nasa.gov, joerg_wunsch@uriah.heep.sax.de, freebsd-hackers@FreeBSD.ORG
Subject: Re: Possible SERIOUS bug in open()? (Big time bug)
Message-ID: <Pine.BSF.3.96.971023150036.3526A-100000@trojanhorse.ml.org>
In-Reply-To: <199710232128.OAA06900@usr05.primenet.com>

On Thu, 23 Oct 1997, Terry Lambert wrote:

> > Yep, tried reading an ioport on my service provider's freebsd machine,
> > works fine. /dev/io is probably not the first and probably won't be the
> > last driver with this problem, in other words force to F_READ or F_WRITE.
> > That is precisely what I did in my dio driver because I depend on F_WRITE
> > and/or F_READ to be set to tell me about what the user wants.
>
> I agree; this is a driver issue; the driver should enforce permissions
> when the user attempts the outb.

No, the user open() should return error for somebody trying to open for
not read and not write. /dev/io gives the process IOPL on the basis that
it is able to open /dev/io, not do operations on it. I think it is
perfectly reasonable for the driver to expect its open method called only
if the user has permissions on the file. When you start putting the
responsibility on the driver for maintaining the security of the system
and not the kernel then you're just asking for trouble. Much like most
drivers do not check to see if the device being passed is valid once it is
opened because it should always be valid (under most circumstances).

>
>
> Terry Lambert
> terry@lambert.org
> ---
> Any opinions in this posting are my own and not those of my present
> or previous employers.
>
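The point argued in the message above, as an added user-space model that is not part of the original e-mail and is not FreeBSD source: a permission check that only tests the requested access bits passes vacuously when neither read nor write is requested, so a driver that grants privilege on open is reached anyway. All names, flag values and the choice of EINVAL are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>

/* Constructed model: flag names and values are illustrative only. */
#define FREAD  0x1   /* caller requested read access  */
#define FWRITE 0x2   /* caller requested write access */
#define PERM_R 0x4   /* file mode grants this caller read  */
#define PERM_W 0x2   /* file mode grants this caller write */

static int iopl_granted;  /* stands in for the privilege the driver hands out */

/* Driver open method: grants privilege simply because open reached it. */
static int io_open(int fflags) { (void)fflags; iopl_granted = 1; return 0; }

/* Checks only the access bits that were actually requested. */
static int check_access(int fflags, int perms)
{
    if ((fflags & FREAD) && !(perms & PERM_R)) return EACCES;
    if ((fflags & FWRITE) && !(perms & PERM_W)) return EACCES;
    return 0;  /* nothing requested: nothing checked, so it passes */
}

/* Weak open path: trusts check_access() alone. */
int open_weak(int fflags, int perms)
{
    int error = check_access(fflags, perms);
    return error ? error : io_open(fflags);
}

/* Strict open path: the kernel refuses "not read and not write"
 * before any driver open method is called (EINVAL is an assumption). */
int open_strict(int fflags, int perms)
{
    if ((fflags & (FREAD | FWRITE)) == 0) return EINVAL;
    int error = check_access(fflags, perms);
    return error ? error : io_open(fflags);
}

/* Returns 1 if the driver granted privilege during this open attempt. */
int privilege_after(int (*open_fn)(int, int), int fflags, int perms)
{
    iopl_granted = 0;
    (void)open_fn(fflags, perms);
    return iopl_granted;
}

int main(void)
{
    /* Caller with no permissions on the file, requesting neither mode. */
    printf("weak:   granted=%d\n", privilege_after(open_weak, 0, 0));
    printf("strict: granted=%d\n", privilege_after(open_strict, 0, 0));
    return 0;
}
```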