>
> Currently, vndioctl requires root privilege always.  Do you remind
> why?  Other disk device doesn't do that, and I guess if one has enough
> privilege for device and target file, no reason to refuse it.
>
first you must make sure no panic is possible if you will for example
truncate file that is vnconfig'ured, if ioctl do check if file size isn't
smaller than product of sector size*spt*tpc*cyls etc...

i'm sure no one bothered to make that checks, so security holes are
possible