Date:      Wed, 28 Nov 2001 19:41:35 +0100
From:      Poul-Henning Kamp <phk@critter.freebsd.dk>
To:        mjacob@feral.com
Cc:        arch@FreeBSD.ORG
Subject:   Re: Anybody working on devd? 
Message-ID:  <38091.1006972895@critter.freebsd.dk>
In-Reply-To: Your message of "Wed, 28 Nov 2001 10:23:40 PST." <Pine.BSF.4.21.0111281021280.87220-100000@beppo> 

In message <Pine.BSF.4.21.0111281021280.87220-100000@beppo>, Matthew Jacob writes:
>
>There's a race between some joblow driver setting completely loose permissions
>and devd setting the policy based ones. This is a security hole. This is what
>I meant by "either you trust the driver or you don't". The consensus here is
>that "we don't".
>
>Therefore, internally make_dev uses 0/0 600 as default- not settable by
>driver. The default policy for picobsd would be 666 I assume.

Guys,

With the rules system I'm proposing you can have "any of the above"
if you want.

No matter which single one we choose, it is inadequate for one or
more of the other cases.

It needs to be possible to specify a policy and the default policy
if you don't do that needs to be sensible.

If anyone has a better suggestion how to express the policy than
by sticking rules like I proposed into the kernel from a userland
program, I'm all ears...

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.
