Re: DEVFSv50 and /dev/fb? (or /dev/fb/? ???)
Richard Gooch (Richard.Gooch@atnf.CSIRO.AU)
Tue, 11 Aug 1998 15:43:46 +1000
Raul Miller writes:
> Richard Gooch <Richard.Gooch@atnf.CSIRO.AU> wrote:
> > > > Note that if you have a configuration which uses devfs solely for
> > > > its role as an information service provider for devfsd, (i.e. you
> > > > keep using a disc-based /dev) then one of the things you loose is the
> > > > ability to lookup non-existent device nodes in /dev and have modules
> > > > automatically loaded by kmod.
> ...
> > I'm afraid I don't quite see what you're getting at here. Could you
> > please rephrase it somehow?
>
> My point is that once you've taken into account requirements for browsing
> (is the hardware installed correctly?) and security (who's allowed to
> bring up a piece of hardware?), you're way outside the scope of what
> you can do with the ability to lookup non-existent device nodes in /dev
> causing modules to be automatically loaded by kmod.
There could be similar potential security problems with ordinary
disc-based device nodes and kmod too, it would seem. Also, a device
driver should fail safely if a piece of hardware is not installed
correctly. Further, a system should still be safe/secure if a module
is loaded, otherwise the driver is broken.
Just because a module is loaded doesn't mean that some random user can
open the device node and frob it.
Regards,
Richard....
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html