Date: Wed, 30 May 2001 03:55:52 +0100 From: Brian Somers <brian@Awfulhak.org> To: freebsd-arch@FreeBSD.org, phk@FreeBSD.org Cc: Brian Somers <brian@Awfulhak.org> Subject: How to handle cloning in a pseudo device. Message-ID: <200105300255.f4U2tqH13615@hak.lan.Awfulhak.org>
next in thread | raw e-mail | index | archive | help
Hi,
I've been working on making tun clone properly and have come up with
a perplexing problem (well, perplexing to me).
As tun currently works, it calls make_dev() from the clone routine.
If a non-root user does (say) ``touch /dev/tun100'', the clone routine
is called, /dev/tun100 is make_dev()d with root/wheel/600 permissions
and the d_open routine is never called because the user doesn't have
permission to open.
One way to solve this might be to allocate the softc from the clone
routine, but this means that a rogue user can go into /dev and
potentially run the system out of memory with a quick ``touch'' loop.
Another way would be to keep a light weight list of make_dev()d-but-
not-yet-created units. rman springs to mind (8*D), but there's no
mechanism in rman for retrieving used resources - just for retrieving
unused ones, and besides, a thoughtful user could touch every even
numbered tun device and provide the same benefits.
Perhaps the best way is to introduce a failed-to-open EVENTHANDLER
that'll get called when d_open isn't called for whatever reason.
Thoughts ?
Cheers.
--
Brian <brian@Awfulhak.org> <brian@[uk.]FreeBSD.org>
<http://www.Awfulhak.org>; <brian@[uk.]OpenBSD.org>
Don't _EVER_ lose your sense of humour !
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200105300255.f4U2tqH13615>