Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1758497AbXLRPXA (ORCPT ); Tue, 18 Dec 2007 10:23:00 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1756514AbXLRPWw (ORCPT ); Tue, 18 Dec 2007 10:22:52 -0500 Received: from chello089077114002.chello.pl ([89.77.114.2]:46837 "EHLO astralstorm.puszkin.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753136AbXLRPWw (ORCPT ); Tue, 18 Dec 2007 10:22:52 -0500 Date: Tue, 18 Dec 2007 16:22:28 +0100 From: Radoslaw Szkodzinski (AstralStorm) To: Al Boldi Cc: "Indan Zupancic" , "Tetsuo Handa" , david@davidnewall.com, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [patch 1/2] [RFC] Simple tamper-proof device filesystem. Message-ID: <20071218162228.79f75395@astralstorm.puszkin.org> In-Reply-To: <200712171605.31084.a1426z@gawab.com> References: <47650A4C.4000708@davidnewall.com> <200712170040.lBH0e6sf099887@www262.sakura.ne.jp> <54137.81.207.0.53.1197891890.squirrel@secure.samage.net> <200712171605.31084.a1426z@gawab.com> X-Mailer: Claws Mail 3.1.0 (GTK+ 2.12.1; x86_64-pc-linux-gnu) Mime-Version: 1.0 Content-Type: multipart/signed; boundary="Sig_/Dj+tqoofQEliyGOuA6BjJ.d"; protocol="application/pgp-signature"; micalg=PGP-SHA1 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1352 Lines: 41 --Sig_/Dj+tqoofQEliyGOuA6BjJ.d Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Mon, 17 Dec 2007 16:05:31 +0300 Al Boldi wrote: > Indan Zupancic wrote: > > On Mon, December 17, 2007 01:40, Tetsuo Handa wrote: > > I think you can better spend your time on read-only bind mounts. >=20 > That would be too coarse. >=20 Actually, who needs to create device nodes? Just prohibit everyone from creating them, except "installer" and "udev" personality. This means removing CAP_MKNOD on a global scale. (OTOH, both don't need CAP_SYS_ADMIN. Maybe udev needs CAP_SYS_MODULE...) Now, stopping people from faking hotplug events is totally another story. Is that currently possible? --Sig_/Dj+tqoofQEliyGOuA6BjJ.d Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.7 (GNU/Linux) iD8DBQFHZ+W8BlhXA0ALOYMRArJLAKDGSzgFHGYfbanFqdZqnbvAiU1GeQCghdsS YF2IEkcJkGbHf64ZdIEBnkI= =tzOb -----END PGP SIGNATURE----- --Sig_/Dj+tqoofQEliyGOuA6BjJ.d-- -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/