Date: Thu, 14 Feb 2008 10:12:52 +0000 From: "Poul-Henning Kamp" <phk@phk.freebsd.dk> To: Ed Schouten <ed@fxq.nl> Cc: FreeBSD Arch <freebsd-arch@freebsd.org> Subject: Re: Proposal for redesigning the TTY layer Message-ID: <23696.1202983972@critter.freebsd.dk> In-Reply-To: Your message of "Thu, 14 Feb 2008 11:08:40 %2B0100." <20080214100840.GQ1340@hoeg.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <20080214100840.GQ1340@hoeg.nl>, Ed Schouten writes: >> Move prison checks into devfs >> >> They do not belong in DEVFS, since that would require DEVFS to know >> far more about the device semantics if the individual drivers than >> it ever should. >> >> You can put it in the generic tty layer if you want, that would be >> emminently sensible, but DEVFS is the wrong place for it. > >The reason why I was thinking about this, was because devfs already >stores per-device credentials (see cdevsw's si_cred field). Say, we want >to expose other resources through devfs (/dev/shm/..., etc), we could >also prevent access from other prisons there as well. The problem is that you need to tie several cdevs together in a way devfs can see, pts%d to ptm%d and so on. That level of visibility into the device' internal workings is complex to provide in devfs, if nothing else for locking reasons, and it is trivial to implemented in the relevant device driver, where all of the tied devices are very likely have shared softc data structure and locking. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?23696.1202983972>