From owner-cvs-all  Wed Jan 31 10:44:22 2001
Delivered-To: cvs-all@freebsd.org
Received: from meow.osd.bsdi.com (meow.osd.bsdi.com [204.216.28.88])
	by hub.freebsd.org (Postfix) with ESMTP
	id B4FE737B4EC; Wed, 31 Jan 2001 10:44:03 -0800 (PST)
Received: from laptop.baldwin.cx (john@jhb-laptop.osd.bsdi.com [204.216.28.241])
	by meow.osd.bsdi.com (8.11.1/8.9.3) with ESMTP id f0VIbo315411;
	Wed, 31 Jan 2001 10:37:51 -0800 (PST)
	(envelope-from jhb@FreeBSD.org)
Message-ID: <XFMail.010131104317.jhb@FreeBSD.org>
X-Mailer: XFMail 1.4.0 on FreeBSD
X-Priority: 3 (Normal)
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
In-Reply-To: <200101311528.KAA65294@khavrinen.lcs.mit.edu>
Date: Wed, 31 Jan 2001 10:43:17 -0800 (PST)
From: John Baldwin <jhb@FreeBSD.org>
To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
Subject: Re: cvs commit: src/sys/dev/ata ata-disk.c
Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org,
	Andrzej Bialecki <abial@webgiro.com>
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


On 31-Jan-01 Garrett Wollman wrote:
> <<On Wed, 31 Jan 2001 10:19:57 +0100 (CET), Andrzej Bialecki
> <abial@webgiro.com> said:
> 
>> Maybe what you want is the sysctl_add_oid(9)?
> 
> No, sysctl(3) should not be used to control device drivers.  That is a
> job for ioctl(2).  sysctl(3) has (or should have) an all-or-nothing
> security model: either the user is privileged, and can do anything, or
> the user is not privileged, and can do nothing.  ioctl(2) provides for
> a better security model: whatever permissions the filesystem has for
> the device node in question.

This doesn't allow different ioctl's to have different permissions.
Using ACL's on sysctl's (an inteface for this can be gotten via a
sysctlfs rather easily now that we have ACL's for filesystems) does
allow this level of control.  Not to mention setting an arbitary
sysctl is quite easy via sysctl(8), whereas I have to go write some
program in C to do each kind of ioctl(2) if I want to go tweak something.
Then I have to go hack /etc/rc to make sure my custom program gets called
early enough, or if it can wait, I create a script to run my program and
stick that script in /usr/local/etc/rc.d/.  Or I make a one line change
to /etc/sysctl.conf or to /boot/laoder.conf if it is a loader tunable
that I want to be set early.

> -GAWollman

-- 

John Baldwin <jhb@FreeBSD.org> -- http://www.FreeBSD.org/~jhb/
PGP Key: http://www.baldwin.cx/~john/pgpkey.asc
"Power Users Use the Power to Serve!"  -  http://www.FreeBSD.org/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message