andi payn wrote:
Now hold on. The standard (by which I you mean POSIX? or one of the UNIX
standards?) doesn't say that you can't have an additional flag called
O_NOACCESS with whatever value and meaning you want.
A strictly conforming implementation can not expose things into
the namespace
M. Warner Losh wrote:
Rewind units on tape drives? If there's no access check done, and I
open the rewind unit as joe-smoe? The close code is what does the
rewind, and you don't have enough knowledge to know if the tape was
opened r/w there.
Which brings up the idea of passing fp-fd_flags
a manifest constant specifying a conformance level
is in scope.
Yes. As I mentioned at the beginning, you don't get O_NOACCESS in linux
by pulling in the standard headers, and I wasn't suggesting anything
different.
[...]
Not justnot portable, but fails to conform to standards.
Note
On Sat, 2003-11-01 at 13:44, Terry Lambert wrote:
M. Warner Losh wrote:
Rewind units on tape drives? If there's no access check done, and I
open the rewind unit as joe-smoe? The close code is what does the
rewind, and you don't have enough knowledge to know if the tape was
opened r/w
andi payn wrote:
As far as I can tell, FreeBSD doesn't have anything equivalent to
linux's O_NOACCESS (which is not in any of the standard headers, but
it's equal to O_WRONLY | O_RDWR, or O_ACCMODE). In linux, this can be
used to say, give me an fd for this file, but don't try to open
On Thu, Oct 30, 2003 at 07:46:38AM -0800, andi payn wrote:
In FreeBSD, this doesn't work; you just get EINVAL.
I believe this is because of a security problem discovered a few
years ago, where you could open a file like /dev/io for neither
read nor write but still get the special privelages
the
superuser can open /dev/io device, no matter what permissions are on it.
And the manpage says that this restriction is there. Of course it would
be a good idea to check the code and make sure this really is true
before (re-?)enabling O_NOACCESS.
Are there any other special devices like
In message: [EMAIL PROTECTED]
andi payn [EMAIL PROTECTED] writes:
: On Fri, 2003-10-31 at 08:27, David Malone wrote:
: On Thu, Oct 30, 2003 at 07:46:38AM -0800, andi payn wrote:
: In FreeBSD, this doesn't work; you just get EINVAL.
:
: I believe this is because of a security
) manpage says:
In addition to any file access permissions on /dev/io, the kernel
enforces that only the super-user may open this device.
If this is not true--and especially if it's not true by design--then the
manpage ought to be changed.
If O_NOACCESS were added, and /dev/io were not changed
In message: [EMAIL PROTECTED]
andi payn [EMAIL PROTECTED] writes:
: : Are there any other special devices like this in FreeBSD?
:
: Rewind units on tape drives? If there's no access check done, and I
: open the rewind unit as joe-smoe? The close code is what does the
: rewind,
to be checked.
Presumably, the way this _should_ work is that opening a device file
with O_NOACCESS shouldn't create a lock, set up for any kind of special
handling on close, or do anything else except give you an fd. And of
course that fd shouldn't be usable for anything you shouldn't be allowed
to do
As far as I can tell, FreeBSD doesn't have anything equivalent to
linux's O_NOACCESS (which is not in any of the standard headers, but
it's equal to O_WRONLY | O_RDWR, or O_ACCMODE). In linux, this can be
used to say, give me an fd for this file, but don't try to open it for
reading or writing
On Thu, 2003-10-30 at 07:46, andi payn wrote:
As far as I can tell, FreeBSD doesn't have anything equivalent to
linux's O_NOACCESS (which is not in any of the standard headers, but
it's equal to O_WRONLY | O_RDWR, or O_ACCMODE). In linux, this can be
used to say, give me an fd for this file
13 matches
Mail list logo
