Date: Mon, 1 Jun 1998 03:36:36 +0900 (JST) From: Michael Hancock <michaelh@cet.co.jp> To: Terry Lambert <tlambert@primenet.com> Cc: julian@whistle.com, phk@critter.freebsd.dk, current@FreeBSD.ORG Subject: Re: I see one major problem with DEVFS... Message-ID: <Pine.SV4.3.95.980601033450.7241A-100000@parkplace.cet.co.jp> In-Reply-To: <199805311005.DAA20689@usr04.primenet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 31 May 1998, Terry Lambert wrote: > > > Just to get peace over the land again, I think you should implement > > > it so that one can mknod a device again, but discard the dev_t, > > > and use whatever DEVFS knows (better). > > This is a security hole. > > If a device is removed from a chroot environment, it should be impossible > to recreate it. > > The reasoning should be obvious. Why not just control permissions on mknod? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SV4.3.95.980601033450.7241A-100000>