Date: Mon, 28 Feb 2005 04:18:10 -0800 From: "Ted Mittelstaedt" <tedm@toybox.placo.com> To: "Rob" <spamrefuse@yahoo.com>, "FreeBSD questions" <freebsd-questions@freebsd.org> Subject: RE: /dev/io , /dev/mem : only used by Xorg? Message-ID: <LOBBIFDAGNMAMLGJJCKNMEJBFAAA.tedm@toybox.placo.com> In-Reply-To: <20050228111050.17288.qmail@web54007.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Rob > Sent: Monday, February 28, 2005 3:11 AM > To: FreeBSD questions > Subject: Re: /dev/io , /dev/mem : only used by Xorg? > > > What triggered my question, was what I found in the > man page of io: > > The special file /dev/io is a controlled > security hole that allows a process to gain > I/O privileges (which are normally reserved > for kernel-internal code). > > So I thought, if it's not needed (since I have no > X installed), then it better should go. If your server isn't chained to a steel post set in concrete then it is a security risk to put data on it because someone might steal it and read all your data. Unfortunately, too many people read the words "security hole" and their brain short-circuits and they stop thinking. It is possible to argue that any possible thing you do in your life from getting up in the morning and taking a dump to going to bed at night is a security risk. It is possible to make people do a lot of ignorant and stupid things (at least in the United States) right now by waving around the security flag. Just because something appears to not be used is no good reason for removing it. If it really was useless it wouldn't be there in the first place. Ted
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?LOBBIFDAGNMAMLGJJCKNMEJBFAAA.tedm>