Subject: Re: CVS commit: src/sys/secmodel/bsd44
To: None <tls@rek.tjls.com>
From: Elad Efrat <elad@NetBSD.org>
List: tech-kern
Date: 10/12/2006 22:54:06

Thor Lancelot Simon wrote:
> On Thu, Oct 12, 2006 at 06:23:42PM +0900, YAMAMOTO Takashi wrote:
>>>> What's the semantics of it?  "can access any disks"?
>>> Well, I was thinking the semantics should be the "worst case" because we
>>> don't really know anything more than that raw disk access was required
>>> and the access modes -- we can't tell if it's mounted or not, etc.
>> I agree.
>> And it's why I don't think it's a good idea.
>> It's better to require the caller to specify a device.
> 
> I agree.  Preserving the old securelevel 1 semantics would seem to require
> this, no?
> 
> Those semantics _should_ allow read/write access to unmounted devices
> while protecting the TCB, so it would be nice to be able to keep them.

How do you plan on telling if the device is for a mounted file-system?

-e.

-- 
Elad Efrat