[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: (Semi-random) thoughts on device tree structure and devfs
On Tue, Mar 09, 2010 at 10:52:17PM -0500, Steven Bellovin wrote:
> On Mar 9, 2010, at 10:43 PM, Masao Uebayashi wrote:
> >> I think that Joerg's proposal doesn't prevent you from doing what you
> >> want, though I don't think it helps, either. He suggested that /dev/uuid
> >> and /dev/label just have symlinks to the usual device file, so no
> >> user-level daemons would be involved.
> > He said it has to be done in userland daemon. :)
> The userland daemon creates the symlinks but not the device files, I thought.
So if you want to lock things down, why not just change the /dev mount to be
read-only? Then bump the securelevel, and whoever the daemon is running as
won't be able to change anything.
Main Index |
Thread Index |