Re: CVS commit: src/etc

[Jason Thorpe <thorpej%me.com@localhost>]

This should definitely be a post-install fix.

-- thorpej
Sent from my iPhone.

> On Jul 21, 2018, at 9:58 AM, Thomas Klausner <tk%giga.or.at@localhost> wrote:
> 
> Is this something that we should let postinstall fix?
> Or what is the upgrade strategy for the users not reading source-changes?
> Thomas
> 
>> On Sat, Jul 21, 2018 at 07:46:57AM +0000, Maxime Villard wrote:
>> Module Name:    src
>> Committed By:    maxv
>> Date:        Sat Jul 21 07:46:56 UTC 2018
>> 
>> Modified Files:
>>    src/etc: MAKEDEV.tmpl
>> 
>> Log Message:
>> Create /dev/ksyms as "440 $g_kmem". This prevents unprivileged users from
>> reading the kernel symbols. Discussed in January 2018 on tech-kern@,
>> reported by maya@, tested by tih@.
>> 
>> 
>> To generate a diff of this commit:
>> cvs rdiff -u -r1.190 -r1.191 src/etc/MAKEDEV.tmpl
>> 
>> Please note that diffs are not public domain; they are subject to the
>> copyright notices on the relevant files.
>> 
> 
>> Modified files:
>> 
>> Index: src/etc/MAKEDEV.tmpl
>> diff -u src/etc/MAKEDEV.tmpl:1.190 src/etc/MAKEDEV.tmpl:1.191
>> --- src/etc/MAKEDEV.tmpl:1.190    Sun May 20 14:08:33 2018
>> +++ src/etc/MAKEDEV.tmpl    Sat Jul 21 07:46:56 2018
>> @@ -1,5 +1,5 @@
>> #!/bin/sh -
>> -#    $NetBSD: MAKEDEV.tmpl,v 1.190 2018/05/20 14:08:33 thorpej Exp $
>> +#    $NetBSD: MAKEDEV.tmpl,v 1.191 2018/07/21 07:46:56 maxv Exp $
>> #
>> # Copyright (c) 2003,2007,2008 The NetBSD Foundation, Inc.
>> # All rights reserved.
>> @@ -940,7 +940,7 @@ std)
>>    mkdev        full    c %mem_chr% 11    666
>>    mkdev        zero    c %mem_chr% 12    666
>>    mkdev        klog    c %log_chr% 0    600
>> -    mkdev        ksyms    c %ksyms_chr% 0 444
>> +    mkdev        ksyms    c %ksyms_chr% 0 440 $g_kmem
>>    mkdev        random    c %rnd_chr% 0    444
>>    mkdev        urandom    c %rnd_chr% 1    644
>>    if ! $fdesc_mounted; then
>> 
>