From owner-freebsd-arch  Wed May 30  1:39: 7 2001
Delivered-To: freebsd-arch@freebsd.org
Received: from Awfulhak.org (awfulhak.demon.co.uk [194.222.196.252])
	by hub.freebsd.org (Postfix) with ESMTP
	id 9D8BA37B43C; Wed, 30 May 2001 01:38:49 -0700 (PDT)
	(envelope-from brian@Awfulhak.org)
Received: from hak.lan.Awfulhak.org (root@hak.lan.Awfulhak.org [172.16.0.12])
	by Awfulhak.org (8.11.3/8.11.3) with ESMTP id f4U8cRY74935;
	Wed, 30 May 2001 09:38:27 +0100 (BST)
	(envelope-from brian@lan.Awfulhak.org)
Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1])
	by hak.lan.Awfulhak.org (8.11.3/8.11.3) with ESMTP id f4U8cQH31659;
	Wed, 30 May 2001 09:38:26 +0100 (BST)
	(envelope-from brian@hak.lan.Awfulhak.org)
Message-Id: <200105300838.f4U8cQH31659@hak.lan.Awfulhak.org>
X-Mailer: exmh version 2.3.1 01/18/2001 with nmh-1.0.4
To: Brian Somers <brian@Awfulhak.org>
Cc: freebsd-arch@FreeBSD.org, phk@FreeBSD.org, brian@Awfulhak.org
Subject: Re: How to handle cloning in a pseudo device. 
In-Reply-To: Message from Brian Somers <brian@Awfulhak.org> 
   of "Wed, 30 May 2001 03:55:52 BST." <200105300255.f4U2tqH13615@hak.lan.Awfulhak.org> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Wed, 30 May 2001 09:38:26 +0100
From: Brian Somers <brian@Awfulhak.org>
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-arch.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-arch>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-arch>
X-Loop: FreeBSD.ORG

> Hi,
> 
> I've been working on making tun clone properly and have come up with 
> a perplexing problem (well, perplexing to me).
> 
> As tun currently works, it calls make_dev() from the clone routine.  
> If a non-root user does (say) ``touch /dev/tun100'', the clone routine 
> is called, /dev/tun100 is make_dev()d with root/wheel/600 permissions 
> and the d_open routine is never called because the user doesn't have 
> permission to open.
> 
> One way to solve this might be to allocate the softc from the clone 
> routine, but this means that a rogue user can go into /dev and 
> potentially run the system out of memory with a quick ``touch'' loop.
> 
> Another way would be to keep a light weight list of make_dev()d-but-
> not-yet-created units.  rman springs to mind (8*D), but there's no 
> mechanism in rman for retrieving used resources - just for retrieving 
> unused ones, and besides, a thoughtful user could touch every even 
> numbered tun device and provide the same benefits.
> 
> Perhaps the best way is to introduce a failed-to-open EVENTHANDLER 
> that'll get called when d_open isn't called for whatever reason.

I guess another alternative is to use dev_depends and depend on a 
not-otherwise-used (tunctl?) device.

> Thoughts ?

-- 
Brian <brian@Awfulhak.org>                        <brian@[uk.]FreeBSD.org>
      <http://www.Awfulhak.org>                   <brian@[uk.]OpenBSD.org>
Don't _EVER_ lose your sense of humour !



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message