From owner-cvs-all Mon Feb 16 17:10:31 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA25427 for cvs-all-outgoing; Mon, 16 Feb 1998 17:10:31 -0800 (PST) (envelope-from owner-cvs-all@FreeBSD.ORG) Received: from webfarm1.whistle.com (webfarm1.whistle.com [207.76.204.6]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA25375; Mon, 16 Feb 1998 17:10:15 -0800 (PST) (envelope-from julian@whistle.com) Received: (from smap@localhost) by webfarm1.whistle.com (8.8.5/8.8.5) id RAA20769; Mon, 16 Feb 1998 17:10:13 -0800 (PST) X-Authentication-Warning: webfarm1.whistle.com: smap set sender to using -f Received: from alpo.whistle.com(alpo.isp.whistle.com 207.76.204.38) by webfarm1.whistle.com via smap (V2.0) id xma020767; Mon, 16 Feb 98 17:10:12 -0800 Received: (from daemon@localhost) by alpo.whistle.com (8.8.5/8.8.5) id QAA11304; Mon, 16 Feb 1998 16:51:54 -0800 (PST) Received: from UNKNOWN(), claiming to be "current1.whistle.com" via SMTP by alpo.whistle.com, id smtpd011301; Mon Feb 16 16:51:46 1998 Date: Mon, 16 Feb 1998 16:47:54 -0800 (PST) From: Julian Elischer To: Nate Williams cc: "Justin T. Gibbs" , Mike Smith , "John S. Dyson" , Bruce Evans , dyson@FreeBSD.ORG, wollman@khavrinen.lcs.mit.edu, committers@FreeBSD.ORG, eivind@yes.no Subject: Re: devfs persistence In-Reply-To: <199802162305.QAA25582@mt.sri.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk It's been agreed by all that a security must is the capacity to dissable new arrivals until the administrator is ready to cope with them. (OPTIONAL!) On Mon, 16 Feb 1998, Nate Williams wrote: > > >The prototype mechanism in the current system is implemented in > > >the /dev/MAKEDEV script. DEVFS as it currently stands moves this > > >prototyping into the kernel, and makes it nonconfigurable. > > > > And most people never modify /dev/MAKEDEV. Instead, they simply chmod/ > > chown devices after they are created by MAKEDEV. In a DEVFS scenario, > > you have the same capabilities. > > Except that with MAKEDEV, you don't get to use the device until you make > it, so you never have any significant point in time where the 'defaults' > aren't OK. When they are created by default, you do if they aren't the > same as the kernel. (Think about non-standard devices, or sound stuff > that isn't 'created' by default until it's used, or better yet > PCMCIA/CardBus hardware.) With MAKEDEV the user doesn't get access to > the device until the administratory explicitly creates it, and when he > does he will also modify the defaults if necessary for that machine. > > With DEVFS, no such 'safety' margin exists, since the device is created > possibly with the administrator realizing it. If you provide a way to modify > the 'defaults', then the administrator can be assured that things will > be as open (or closed) as desired w/out having to modify the kernel > sources. > > Not being generic enough is as bad of a problem as being too generic. > > > Nate > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message