On Fri, Oct 11, 2002, Oliver Neukum <[EMAIL PROTECTED]> wrote: > > > However, the kernel only enforces the privileges. It doesn't set them. > > That is not true. Hotplugging changes it. By assigning new devices > to existing device nodes, the kernel _does_ hand out permissions.
It assigns the permissions that were configured by the user, either implicitly the default, of explictly via devmode=. > Therefore the kernel has to ensure that all permissions are revoked > on the old previously used device node. It cannot depend on a script, > because scripts lack the reliability. Previously used device node? > > > > Failing to set permissions on a device doesn't seem like something that > > > > would qualify for a panic. > > > > > > Failure to set them is not a security problem. > > > Abstractly speaking setting permissions/ownership is handing out > > > priviledges. If that operation fails the system will not function > > > properly, but security is not compromised. > > > > > > Failure to reset permissions is quite another thing. It opens up the > > > possibility that access to other devices is accidentally granted. Wait, let me go back to this. This cannot happen. A completely new device node is created with the defaults assigned previously. This isn't a traditional static /dev. > > You're making the assumption that privileges don't change. > > How so? Could you elaborate ? Unrelated. I forgot to delete that line, sorry. > > I seem to recall a discussion like this in the past, but why can't we > > just change the permissions dynamically as the user logs in and logs out > > of the console? > > That we can do. But it has its own set of problems. > > > The only problem I can think of would be managing multiple users on a > > console. > > Yes. Any other suggestions? devmode= is of limited usefulness. JE ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ [EMAIL PROTECTED] To unsubscribe, use the last form field at: https://lists.sourceforge.net/lists/listinfo/linux-usb-devel
