Date: Mon, 26 Nov 2001 22:37:21 -0800 (PST) From: Matthew Jacob <mjacob@feral.com> To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> Cc: arch@FreeBSD.org Subject: Re: Anybody working on devd? Message-ID: <Pine.BSF.4.21.0111262232470.71581-100000@beppo> In-Reply-To: <200111270325.fAR3P6e25466@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Again, this seems wrong to me, but maybe I'm just lacking sleep right now. It seems to me that permissions set by the driver are meaningless if you then want the userland daemon to set 'real' policy- remember that there's a time gap between creating the node (in the driver) and the userland daemon setting the 'real' mode. Seems to me that you should then go further (if the device driver isn't really the owner of mode setting)- make this a ring system where drivers create nodes that only other entities in the kernel see- but it becomes a userland devd that makes them visible to the user applications. More like solaris or the AIX model (I *think* for the latter- just inferring from what I see from user space - haven't seen AIX source code). -matt On Mon, 26 Nov 2001, Garrett Wollman wrote: > In article <20011126230600$59b3@traf.lcs.mit.edu> you write: > > >It seems to me wrong to do 'adjustments'. Either you have a model that trusts > >drivers to do the right thing when the call make_dev, or you don't. > > My site policy about what permissions certain device nodes should have > should not, and in some cases probably cannot, be written directly > into a device driver. The driver should use the most conservative > possible settings -- in most cases, root:wheel/600 -- and let > user-land code apply whatever policy is desired. We already have > mechanisms for expressing some of that policy (e.g., /etc/fbtab) but > it's not cognizant of transient devices. That's part of the problem > which needs to be solved. > > -GAWollman > > -- > Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same > wollman@lcs.mit.edu | O Siem / The fires of freedom > Opinions not those of| Dance in the burning flame > MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0111262232470.71581-100000>