Subject: Re: NetBSD and devfs
To: David Laight <>
From: Pavel Cahyna <>
List: tech-security
Date: 08/12/2004 09:48:20
On Tue, 06 Jul 2004 23:20:46 +0000, David Laight wrote:
[ originally on netbsd-users@ ]

> The bit I read on Linux devfs I read made it completely broken (the driver
> has to supply the data area for every device it might have...)
> I have thought of doing it - but don't have the time.
> The plan was to copy kernfs - but make the drivers give skeleton
> information for complete sets of entries.  So that items can exist is you
> try to open them, but 'ls' will only show things that it is sane to open.
> Also need to read a file to get non-driver entries and local permission
> changes.

It seems somebody already did something like a piece of devfs - see
/kern/rootdev and /kern/rrootdev . And apparently without caring about
local permission changes.

Isn't it a serious security problem? What if you don't want the group
"operator" to be able to read raw disks?

Bye	Pavel