Re: How kauth can make meaningful decisions about passthru ioctls
From: Steven M. Bellovin (smbcs.columbia.edu)
Date: Thu Nov 30 2006 - 07:52:32 CST
On Thu, 30 Nov 2006 15:10:25 +0200
Elad Efrat <eladNetBSD.org> wrote:
> Thor Lancelot Simon wrote:
> > Sure. We're concerned about what the ioctl being passed-through
> > could cause the device to do. Think about what amr(4) would have
> > to do if it didn't know how to parse the sub-commands: it'd have to
> > tell the listener "it could be any of these: ...".
> > We could, I suppose, order the commands from "safest" to "most
> > dangerous" and require that the question indicate the "most
> > dangerous". But what's "more dangerous", writing the device data
> > or writing the device configuration? I think a similar issue
> > exists even for read.
> Sounds logical. Unless someone objects, I'll come up with a diff.
What sounds logical? An ordering? I don't think it makes much sense
at all. What's wrong with a bitmask?
--Steve Bellovin, http://www.cs.columbia.edu/~smb
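
The bitmask alternative raised in this thread, sketched as an added example (not part of the original messages and not NetBSD's kauth(9) code). The effect flags, opcode table and policy names are hypothetical; the point shown is that two reasonable policies can each permit what the other forbids, which a single safest-to-most-dangerous ordering cannot express.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical effect classes; these names are not from kauth(9). */
#define EFF_READ_DATA    (1u << 0)
#define EFF_WRITE_DATA   (1u << 1)
#define EFF_READ_CONFIG  (1u << 2)
#define EFF_WRITE_CONFIG (1u << 3)
#define EFF_ALL (EFF_READ_DATA | EFF_WRITE_DATA | EFF_READ_CONFIG | EFF_WRITE_CONFIG)

/* Two policies: neither set of permitted effects contains the other. */
#define POLICY_BACKUP_OPERATOR (EFF_READ_DATA | EFF_WRITE_DATA | EFF_READ_CONFIG)
#define POLICY_ARRAY_ADMIN     (EFF_READ_CONFIG | EFF_WRITE_CONFIG)

/* Constructed sub-command table for an imaginary pass-through driver. */
struct subcmd { uint8_t opcode; uint32_t effects; };
static const struct subcmd subcmd_table[] = {
    { 0x01, EFF_READ_DATA },
    { 0x02, EFF_WRITE_DATA },
    { 0x10, EFF_READ_CONFIG },
    { 0x11, EFF_WRITE_CONFIG },
    { 0x12, EFF_WRITE_CONFIG | EFF_WRITE_DATA }, /* one command, two effects */
};

/* Driver side: report the set of things a sub-command may cause.
 * An opcode the driver cannot parse "could be any of these". */
uint32_t passthru_effects(uint8_t opcode)
{
    for (size_t i = 0; i < sizeof(subcmd_table) / sizeof(subcmd_table[0]); i++)
        if (subcmd_table[i].opcode == opcode)
            return subcmd_table[i].effects;
    return EFF_ALL;
}

/* Listener side: allow only if every reported effect is permitted. */
int listener_allows(uint32_t permitted, uint32_t effects)
{
    return (effects & ~permitted) == 0;
}

int main(void)
{
    /* Operator may write data but not config; admin is the reverse. */
    int ok = listener_allows(POLICY_BACKUP_OPERATOR, passthru_effects(0x02))
          && !listener_allows(POLICY_BACKUP_OPERATOR, passthru_effects(0x11))
          && listener_allows(POLICY_ARRAY_ADMIN, passthru_effects(0x11))
          && !listener_allows(POLICY_ARRAY_ADMIN, passthru_effects(0x02));
    return ok ? 0 : 1;
}
```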