Subject: Re: representation of persistent device status, was Re: devfs, was Re: ptyfs...
To: None <tech-kern@NetBSD.org>
From: Ignatios Souvatzis <ignatios@cs.uni-bonn.de>
List: tech-kern
Date: 11/30/2004 09:50:00

Jonathan Stone wrote:

> When I put on my security-conscious hat, my first, second, and third
> take on the matter are to `Just say No', and to go with persistent
> in-filesystem device inodes.

How is a non-writable, non-remountable static /dev different from
a non-writable, system immutable devfs configuration file?

I'm not the most security conscious admin around, but in my book,
having anything writable (that is, outside the kernel) define the
mapping between names and devices doesn't sound too good. I think that
devfs is better in this respect, because it makes the kernel define
the name-device relation.

Maybe somebody can explain to me why this isn't true.

Regards,
	-is
