On Thu, 8 Sep 2011 16:23:36 -0400 Canek Peláez Valdés <can...@gmail.com> wrote:
> It is a matter of what else do you end having in /bin and /lib. > Remember that udev rules can execute arbitrary code. Do all that code > needs to be moved to /bin and /lib also? Why should it not move to /bin and /lib? Is there a valid case where udev can and should execute arbitrary code that is completely under the control of a *non-root* user? We are discussing device nodes. That to me is a root-only function. Root can access /. The package manager runs as root. Simply put all code that udev runs into /bin, /sbin and /lib. Why not restrict the location of said code to the one place where root is guaranteed to always be able to get to it? It's a reasonable restriction - the code must be guaranteed to exist on the same partition as /, where it is guaranteed to be accessible. > I keep telling: it is a difficult problem. And I maintain it is the same problem. It is code that is required for a minimal system to run. -- Alan McKinnnon alan.mckin...@gmail.com
