On 2008-Aug-09 12:08:42 +0100, Robert Watson <[EMAIL PROTECTED]> wrote: >While /dev/io appeals to the UNIX "everything is a file" sensibility, I think >the system calls we have for this on i386 are more conceptually coherent.
IMO, /dev/io is inherently a kludge - it's really more a MAC issue
than anything like a file. Whilst you get a FD by opening /dev/io,
you never use that FD for anything other than passing to close(2).
Instead, you are using a magic side-effect that allows you to execute
'in' and 'out' instructions whilst you hold that FD open. AFAIK, the
sole reason for having it appear as a file is that (in the absence of
a MAC framework), the filesystem provides the only mechanism for
access control. IMHO, /dev/io should be deprecated in favour of
something like the MAC framework. (Note that i386_{g,s}et_ioperm(2)
are nor suitable in their current form because there is no mechanism
for the system administrator to define access controls).
--
Peter Jeremy
Please excuse any delays as the result of my ISP's inability to implement
an MTA that is either RFC2821-compliant or matches their claimed behaviour.
pgpju7ezlC5gW.pgp
Description: PGP signature
