From owner-freebsd-questions@FreeBSD.ORG Mon Feb 28 12:18:10 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9C6C316A4CE for ; Mon, 28 Feb 2005 12:18:10 +0000 (GMT) Received: from mail.freebsd-corp-net-guide.com (mail.freebsd-corp-net-guide.com [65.75.192.90]) by mx1.FreeBSD.org (Postfix) with ESMTP id 28ED943D49 for ; Mon, 28 Feb 2005 12:18:10 +0000 (GMT) (envelope-from tedm@toybox.placo.com) Received: from tedwin2k (nat-rtr.freebsd-corp-net-guide.com [65.75.197.130]) j1SCICb16121; Mon, 28 Feb 2005 04:18:12 -0800 (PST) (envelope-from tedm@toybox.placo.com) From: "Ted Mittelstaedt" To: "Rob" , "FreeBSD questions" Date: Mon, 28 Feb 2005 04:18:10 -0800 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) In-Reply-To: <20050228111050.17288.qmail@web54007.mail.yahoo.com> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1478 Importance: Normal Subject: RE: /dev/io , /dev/mem : only used by Xorg? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Feb 2005 12:18:10 -0000 > -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Rob > Sent: Monday, February 28, 2005 3:11 AM > To: FreeBSD questions > Subject: Re: /dev/io , /dev/mem : only used by Xorg? > > > What triggered my question, was what I found in the > man page of io: > > The special file /dev/io is a controlled > security hole that allows a process to gain > I/O privileges (which are normally reserved > for kernel-internal code). > > So I thought, if it's not needed (since I have no > X installed), then it better should go. If your server isn't chained to a steel post set in concrete then it is a security risk to put data on it because someone might steal it and read all your data. Unfortunately, too many people read the words "security hole" and their brain short-circuits and they stop thinking. It is possible to argue that any possible thing you do in your life from getting up in the morning and taking a dump to going to bed at night is a security risk. It is possible to make people do a lot of ignorant and stupid things (at least in the United States) right now by waving around the security flag. Just because something appears to not be used is no good reason for removing it. If it really was useless it wouldn't be there in the first place. Ted