Subject: Re: representation of persistent device status, was Re: devfs, was Re: ptyfs...
To: Eric Haszlakiewicz <erh@nimenees.com>
From: Jonathan Stone <jonathan@dsg.stanford.edu>
List: tech-kern
Date: 11/29/2004 10:55:27
In message <20041127082931.GC26966@jodi.nimenees.com> Eric Haszlakiewicz writes
>On Fri, Nov 26, 2004 at 01:23:08PM -0800, Jonathan Stone wrote:
>> As someone -- perhaps Daniel Carosone -- guessed at: think of a
>> hardened embedded device (not unlike the hardened routers Thor
>> sometimes talks about). The kind of embedded-device where perhaps you
>> already have filesystems set up as either executable, or non-writable,
>> or both.  (For a second example, think of a chroot jail in such an
>> appliance.)
>
>	Could you explain this a bit more please.  I'm not quite understanding
>how this requires an old-style device node.  

The above was an example of the kinds of systems where devfs is (for
some people and some applications, if not others) not acceptable.

The reasons for (for example) setting up all mounts as
write-xor-execute are the same reasons which lead qualified,
well-informed people to decide to ``Just Say No'' to devfs in such
hardened, more-or-less embedded applications.


[...]

>	Of course, this is more complicated than just having the limited
>number of necessary device nodes already present in the chroot environments.
>(two steps: setup chroot /dev & setup fstab, vs just the first)
>I can see how that argument has some merit, but it doesn't sound like
>a complete non-starter to me.

If you have applications where you care enough about security to go as
far as building an mfs-root and partitioning filesystems so that
executable filesystems aren't writable, and auditing those mfs
partitions (or chroot jails, or whatever), there can be very good
reasons to not want a dynamic devfs _at all_.

Don't get me wrong. I don't wish, at all, to stop anyone who wants a
dynamic devfs to use one. What I want is the ability to configure a
system without a dynamic devfs at all, and to use a carefully-crafted,
static /dev or chroot /dev --- for those who decide that best meets
their needs.
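
Added example, not part of the original message or of NetBSD: one way to audit the write-xor-execute mount policy described above is to scan an fstab for entries that are both writable and executable. The function names and the sample fstab are constructed for illustration; the script assumes the standard fstab field order and the ro, rw, exec and noexec mount options.

```sh
#!/bin/sh
# Flag fstab entries that violate a write-xor-execute mount policy.
# fstab fields: device  mountpoint  fstype  options  dump  pass

wxe_violations() {
    # Reads fstab text on stdin; prints the mount point of every entry
    # that is mounted both writable and executable.
    awk '
        /^[ \t]*#/ || NF < 4 { next }   # skip comments and malformed lines
        $3 == "swap" { next }           # swap holds no files to run
        {
            writable = 1                # default is rw unless ro is given
            executable = 1              # default is exec unless noexec is given
            n = split($4, opt, ",")
            for (i = 1; i <= n; i++) {
                if (opt[i] == "ro")     writable = 0
                if (opt[i] == "rw")     writable = 1
                if (opt[i] == "noexec") executable = 0
                if (opt[i] == "exec")   executable = 1
            }
            if (writable && executable) print $2
        }
    '
}

# Constructed sample fstab for an appliance-style layout (not from the thread).
sample_fstab() {
    cat <<'EOF'
# device     mountpoint  fstype  options     dump pass
/dev/wd0a    /           ffs     ro          1 1
/dev/wd0e    /var        ffs     rw,noexec   1 2
/dev/wd0f    /home       ffs     rw          1 2
/dev/wd0b    none        swap    sw          0 0
/dev/wd0b    /tmp        mfs     rw,noexec   0 0
EOF
}

# Demo run over the constructed sample.
sample_fstab | wxe_violations
```

To check a real system, feed it the live table instead: wxe_violations < /etc/fstab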