In message <20051015195057.GA23978@panix.com>, Thor Lancelot Simon writes:
>On Sat, Oct 15, 2005 at 02:06:34PM -0400, Steven M. Bellovin wrote:
>>
>> difficult-to-avoid consequence of other code.  The other problem with a 
>> non-writable /dev is that various parts of the system can't do chown() 
>> calls on, say, ttys; for an appliance box, that's a lot less relevant,
>> as long as it doesn't block console and ssh login.
>
>That is why Christos wrote ptyfs.
>
I'll take your word for it, though that wasn't what he said when he 
announced it (http://mail-index.netbsd.org/tech-kern/2004/11/08/0016.html)
But it doesn't help with real ttys, /dev/null, and probably others I 
didn't encounter while fighting things.

		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb