In message: <20041120230815.GA12975@netbsd.org>
            Bill Studenmund <wrstuden@NetBSD.org> writes:
: (*) What is appropriate is a local policy decision, but I think a good 
: option should be to make the "duplicate" show up with permissions 000 (no 
: read, no write, no nothing) and to log BIG NASTY messages in syslog. 
: Perhaps even not completely booting, since we can't mount a file system 
: from that partition. But that's the policy I'd want; other folks or other 
: cases may want different.

FreeBSD lets the driver set the policy to a limited extent, but also
has a devfs control node that lets one load rules to override things
like ownership, permissions, adding aliases etc.  From FreeBSD's man
page:

   Rule Subsystem
     The devfs(5) rule subsystem provides a way for the administrator of a
     system to control the attributes of DEVFS nodes.  Each DEVFS mount-point
     has a ``ruleset'', or a list of rules, associated with it.  When a device
     driver creates a new node, all the rules in the ruleset associated with
     each mount-point are applied (see below) before the node becomes visible
     to the userland.  This permits the administrator to change the proper-
     ties, including the visibility, of certain nodes.  For example, one might
     want to hide all disk nodes in a jail(2)'s /dev.

Anyway, just wanted to point this out as prior art.  One can argue all
day long as to if it is good prior art or bad. :-)

Warner