Date: Sun, 31 May 1998 21:05:05 +0000 (GMT) From: Terry Lambert <tlambert@primenet.com> To: michaelh@cet.co.jp (Michael Hancock) Cc: tlambert@primenet.com, julian@whistle.com, phk@critter.freebsd.dk, current@FreeBSD.ORG Subject: Re: I see one major problem with DEVFS... Message-ID: <199805312105.OAA13664@usr06.primenet.com> In-Reply-To: <Pine.SV4.3.95.980601033450.7241A-100000@parkplace.cet.co.jp> from "Michael Hancock" at Jun 1, 98 03:36:36 am
next in thread | previous in thread | raw e-mail | index | archive | help
> > If a device is removed from a chroot environment, it should be impossible > > to recreate it. > > > > The reasoning should be obvious. > > Why not just control permissions on mknod? I think Julian should discuss his security model before we dive into this, but I can't see a circumstance where it would be legitimate to create a device with mknod, yet not possible to create it with the link(2) system call instead, using the template devfs. It seems to me that mknod is redundant (but mkfifo isn't). Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199805312105.OAA13664>