[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-kernel
Subject:    Re: DEVFSv50 and /dev/fb? (or /dev/fb/? ???)
From:       Richard Gooch <rgooch () atnf ! csiro ! au>
Date:       1998-08-20 3:19:35
[Download RAW message or body]

Raul Miller writes:
> Richard Gooch <rgooch@atnf.csiro.au> wrote:
> > This seems to be contrary to the accepted view by security people
> > which is to close of the holes *fast* and then worry about evidence. I
> > think the consensus is that "evidence" does not translate into
> > convictions (unless you are lucky and the cracker is in the same
> > state/country as you and has left other clues lying around).
> 
> What?
> 
> You're talking about losing information at reboot, not any kind of
> immediate fix.  That's security by coincidence, at best.
> 
> Furthermore, you're talking about "correcting" changes introduced by root.
> That's *never* a security fix.  That barely even counts as security by
> obscurity.

No, you're missing the point. It is a valid working environment where
you don't save/change permissions (the defaults are adequate). Hence
the basic devfs mechanism of regenerating permissions upon boot is an
advantage in this case.
In a different working environment where you *do* frob the
permissions, you lose this advantage of course. You in effect have
the same behaviour as disc-based device nodes.

Nevertheless, the default devfs behaviour does have it's advantages.

				Regards,

					Richard....

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html

[prev in list] [next in list] [prev in thread] [next in thread]