Date: Wed, 2 Oct 2002 16:27:25 +1000 (EST) From: Bruce Evans <bde@zeta.org.au> To: Poul-Henning Kamp <phk@critter.freebsd.dk> Cc: Brooks Davis <brooks@one-eyed-alien.net>, <current@FreeBSD.ORG> Subject: Re: HEADSUP! GEOM as default in 5 days... Message-ID: <20021002162324.Q4432-100000@gamplex.bde.org> In-Reply-To: <46929.1033535557@critter.freebsd.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 2 Oct 2002, Poul-Henning Kamp wrote: > In message <20021002122851.K3584-100000@gamplex.bde.org>, Bruce Evans writes: > >One reason I have no confidence in devfs is that its quality is such as > >to get things like this wrong. There are magic ownerships and permissions > >in the source code for N drivers where they are hard to audit. > > > >The acd driver still uses the insecure mode 0644 despite this being > >reported a few years ago. World readability is especially insecure > >for acd since it gives some write access via some ioctls. E.g., > >everyone has permission to erase writable media. > > This is _not_ a DEVFS issue, this is a device driver issue. It is a devfs issue that devfs moves things into the kernel where they harder to control and more fatal if they are got wrong. Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021002162324.Q4432-100000>