Date: Thu, 17 Oct 1996 22:18:51 +1000
From: Bruce Evans <bde@zeta.org.au>
To: msmith@atrad.adelaide.edu.au, terry@lambert.org
Cc: freebsd-hackers@FreeBSD.org, jehamby@lightside.com, jkh@time.cdrom.com, jsigmon@www.hsc.wvu.edu
Subject: Re: FreeBSD 2.2.x release question
Message-ID: <199610171218.WAA27185@godzilla.zeta.org.au>

>The issue with persistence is that not everyone is happy with the
>default permissions puked up by the drivers. Our embedded boxes, for
>example, want /dev/io 0660, which would be insane for a production
>system.

Not much more insane than the existence of /dev/io :-).

>
>In essence, the "persistence" for devfs needs to hold :
>
> - ownership
> - permissions
> - symlinks
>
>IMHO, there's nothing there that can't be achieved with a script
>argument to mount_devfs, although it could be argued that because the

Nothing that can't be achieved with a script argument to /bin/sh.

>devfs has to be mounted before the script could be processed there is
>a potential window of vulnerability there.

The initial permissions must be highly secure so that there is no window.
root.wheel with permissions 000 would be best. Then there would be no
possible holes and no policy about ownerships or permissions in the
kernel. (The kernel currently has the uid and gid of uucp and dialer
hard-coded :-(.) However, this would require a huge script.

Bruce
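
The approach discussed above, as an added example that is not part of the original message and is not FreeBSD code: a /bin/sh function that first sets every node in a devfs-style directory to mode 000 and then applies ownership, permissions and symlinks from a manifest. The function name, the manifest format and the sample usage are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not FreeBSD code. Manifest format (an assumption of this example):
#   node <name> <uid> <gid> <mode>
#   link <name> <target>
# Lines starting with '#' and blank lines are ignored.

apply_dev_policy() {
    dir=$1
    manifest=$2

    # Default deny: every existing node drops to mode 000 before any policy
    # is read, so nothing is reachable while the manifest is processed.
    find "$dir" \( -type f -o -type c -o -type b \) -exec chmod 000 {} + || return 1

    while read -r kind name a b c; do
        case $kind in
            ''|'#'*) continue ;;
        esac
        # Names must stay inside $dir.
        case $name in
            ''|.|..|*/*) echo "bad name: $name" >&2; return 1 ;;
        esac
        case $kind in
            node)
                [ -e "$dir/$name" ] || { echo "missing: $name" >&2; continue; }
                # Change owner while the mode is still 000, then set the mode,
                # so the previous owner never gets the new permissions.
                if [ "$(id -u)" -eq 0 ]; then
                    chown "$a:$b" "$dir/$name" || return 1
                fi
                chmod "$c" "$dir/$name" || return 1
                ;;
            link)
                # Only create or replace symlinks, never overwrite a real node.
                [ ! -e "$dir/$name" ] || [ -L "$dir/$name" ] || return 1
                rm -f "$dir/$name" && ln -s "$a" "$dir/$name" || return 1
                ;;
            *)
                echo "unknown entry: $kind" >&2; return 1
                ;;
        esac
    done < "$manifest"
}

# Usage: sh script.sh <dir> <manifest>
if [ "$#" -eq 2 ]; then
    apply_dev_policy "$1" "$2"
fi
```

Ownership is applied only when the script runs as root; nodes that the manifest does not list stay at mode 000.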