Date: Sat, 8 Jan 2005 19:54:56 +0100 From: "Simon L. Nielsen" <simon@nitro.dk> To: Pawel Jakub Dawidek <pjd@FreeBSD.org> Cc: freebsd-stable@freebsd.org Subject: Re: GMIRROR can be destroyed by ordinary users Message-ID: <20050108185456.GK13899@zaphod.nitro.dk> In-Reply-To: <20050108183942.GB795@darkness.comp.waw.pl> References: <200501081532.22911.emanuel.strobl@gmx.net> <20050108144117.GC13899@zaphod.nitro.dk> <200501081549.21317.emanuel.strobl@gmx.net> <20050108153313.GF13899@zaphod.nitro.dk> <20050108183942.GB795@darkness.comp.waw.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
--zYjDATHXTWnytHRU Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2005.01.08 19:39:42 +0100, Pawel Jakub Dawidek wrote: > On Sat, Jan 08, 2005 at 04:33:14PM +0100, Simon L. Nielsen wrote: > +> I'm not really sure it is expected that you can do that when being in > +> the operator group. >=20 > Yes. If you want to change it you should do: >=20 > # chmod 600 /dev/geom.ctl Being in the operator group only gives read access to /dev/geom.ctl (it's root:operator crw-r-----) so I think it's somewhat counter intuitive that one can stop the mirror without write permission there. Wouldn't it be better to only allow stopping the mirror (and similar) if the user has write access to geom.ctl? phk fixed some similar issues in some of the other GEOM classes not long ago, e.g. geom_bsd.c v. 1.71. --=20 Simon L. Nielsen --zYjDATHXTWnytHRU Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFB4CyAh9pcDSc1mlERApG1AJ4pKAjGJRbD/B4JwuoxE6f6EsNpswCgl6Zb Jh2tgm2nEPslwsDgj1XlIwM= =Um/G -----END PGP SIGNATURE----- --zYjDATHXTWnytHRU--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050108185456.GK13899>