Port-i386 archive
Re: Please read if you use x86 -current
On Thu, Nov 13, 2008 at 09:36:03PM +0200, Antti Kantee wrote:
> On Thu Nov 13 2008 at 14:04:41 -0500, Thor Lancelot Simon wrote:
> > That's exactly what I am saying! The current code is broken, and there
> > are several ways to fix it. But with the current, broken code for
> > enforcing the security policy, allowing user space filesystem daemons
> > (ones that have to access raw disks, anyway) basically voids the
> > no-persistent-compromise guarantee.
>
> So what you're saying is that NetBSD securelevels<2 are broken because
> they allow raw disk access. I don't see anything specific to userspace
> file servers.
No, I'm saying that this was intended to work safely at securelevel 1 but
was implemented wrong. The point is that userspace fileservers require
raw disk access and thus can't be used at securelevel 2 (where you get
the persistent-compromise guarantees), which is very unfortunate.

The sensible place to put effort is into fixing securelevel 1 disk access
semantics, it seems to me, not into making userspace fileservers work at
securelevel 2.
--
Thor Lancelot Simon
tls%rek.tjls.com@localhost
"Even experienced UNIX users occasionally enter rm *.* at the UNIX
prompt only to realize too late that they have removed the wrong
segment of the directory structure." - Microsoft WSS whitepaper