Gary Winiger wrote:
>> What's more, the software being proposed here does not need special
>> privileges to operate; if some sort of device allocation/object reuse
>> controls need to happen, they would need to happen in trusted privileged
>> code at device open time.
>
> If the device allocation subsystem is in effect, the user is
> required to be authorized, chkauthattr(3SECDB) to have access
> to devices under its control.
>
> I suppose you could argue that the project teams that integrate
> devices needing object reuse into Solaris are not responsible.
> Please convince your (and my) director that the responsibility
> lies somewhere else.
Another way to deal with object reuse would be for the driver to ensure
that data leftover from one use of the device is not accessible to
subsequent users. That seems like a more workable solution than device
allocation. A similar argument could be made about /dev/audio.
Do we have reason to believe that the proposed implementation doesn't
*already* comply with the object reuse requirement?
Scott
