Date: Tue, 18 Mar 2014 12:29:32 -0700 From: Maksim Yevmenkin <emax@freebsd.org> To: "current@freebsd.org" <current@freebsd.org> Subject: [rfc] /dev/devstat permissions patch Message-ID: <CAFPOs6pAfrmN8U0jWn%2BoTLDWg%2B-U%2BhjLr5fuq-Fw1Q_jrmqc0Q@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
hello,
would anyone object to the following patch?
==
Index: subr_devstat.c
===================================================================
--- subr_devstat.c (revision 263311)
+++ subr_devstat.c (working copy)
@@ -503,7 +503,7 @@
mtx_assert(&devstat_mutex, MA_NOTOWNED);
if (!once) {
make_dev_credf(MAKEDEV_ETERNAL | MAKEDEV_CHECKNAME,
- &devstat_cdevsw, 0, NULL, UID_ROOT, GID_WHEEL, 0400,
+ &devstat_cdevsw, 0, NULL, UID_ROOT, GID_WHEEL, 0444,
DEVSTAT_DEVICE_NAME);
once = 1;
}
==
i'm not sure why /dev/devstat has such restrictive permissions. can
someone please explain the reason for it? having gstat(8) require
super-user privilege seems like an overkill me. iostat(8) and
systat(1) do not require super-user privileges to work.
and, yes, i know i can override permissions with /etc/devfs.conf, just
curious what are we protecting from in /dev/devstat
thanks,
max
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAFPOs6pAfrmN8U0jWn%2BoTLDWg%2B-U%2BhjLr5fuq-Fw1Q_jrmqc0Q>