On Wed, 2 Dec 2009, Alan Cox wrote:
> > 1) There's a security hole with dynamically allocated devices if
> > permissions on new device are different than on old device.
> >
> > The issue is valid, but also exists if hard links are created to
> > device nodes. udev already defends against this by setting
> > permissions on device to zero before unlinking it.
>
> udev defends against it with the specific knowledge that any existing
> open means the device is open and cannot be unloaded. The combination is
> required (and some other happenstance properties).

You're still missing the point. O_NODE is like a hard link, except the
reference doesn't come from the filesystem but from a file descriptor.
From udev's perspective there's no difference.

Miklos
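The comparison made in the reply above, as an added example that is not part of the original message or of any posted patch: after the udev-style "chmod 0, then unlink", a surviving hard link and a surviving descriptor both show the zeroed permissions, because both refer to the same inode. Assumptions: a regular file in a temporary directory stands in for the device node, Linux's O_PATH stands in for the proposed O_NODE, and the function and path names are hypothetical.

```c
#define _GNU_SOURCE              /* for O_PATH */
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Constructed demo. Fills in the permission bits seen through each
 * surviving reference after "chmod 0, then unlink" of the original name.
 * Returns 0 on success, -1 on error. */
int revoke_and_check(mode_t *via_link, mode_t *via_fd)
{
    char dir[] = "/tmp/nodedemoXXXXXX", node[64], hard[64];
    struct stat st;
    int fd = -1, rc = -1, tmp;

    if (!mkdtemp(dir))
        return -1;
    snprintf(node, sizeof node, "%s/node", dir);
    snprintf(hard, sizeof hard, "%s/hardlink", dir);

    tmp = open(node, O_CREAT | O_EXCL | O_WRONLY, 0600);
    if (tmp < 0)
        goto out;
    close(tmp);
    if (chmod(node, 0666))            /* the "old" permissive node */
        goto out;
    /* Two extra references to the same inode: one held by a descriptor
     * (O_PATH as the assumed O_NODE analogue), one by the filesystem. */
    fd = open(node, O_PATH);
    if (fd < 0 || link(node, hard))
        goto out;
    /* What the thread says udev does before removing a node. */
    if (chmod(node, 0) || unlink(node))
        goto out;
    if (stat(hard, &st))
        goto out;
    *via_link = st.st_mode & 07777;
    if (fstat(fd, &st))
        goto out;
    *via_fd = st.st_mode & 07777;
    rc = 0;
out:
    if (fd >= 0)
        close(fd);
    unlink(node); unlink(hard); rmdir(dir);
    return rc;
}

int main(void)
{
    mode_t l = 0, f = 0;
    if (revoke_and_check(&l, &f))
        return 1;
    printf("mode via hard link: %04o, via descriptor: %04o\n", (unsigned)l, (unsigned)f);
    return 0;
}
```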