Subject: Re: Getting rid of /dev/veriexec
To: Nathan J. Williams <nathanw@wasabisystems.com>
From: Elad Efrat <elad@NetBSD.org>
List: tech-kern
Date: 12/02/2005 15:54:36

Nathan J. Williams wrote:

> Let's see. You want to read and write control and bulk data, from a
> special-to-the-kernel node in a hierarchical namespace. This totally
> smells like reinventing /dev.

Isn't that what sysctl() is for?

>>2. If, some day, Veriexec would have the feature of returning the hash
>>   for a given file (or any other configuration inspection) it might
>>   be desired that a process with root privileges in a chroot cage (...)
>>   could be prevented from accessing that information.
> 
> 
> This sounds like an argument for leaving it in the filesystem.

Can you give me an example of a root-owned process inside a chroot()?
Most, if not all, examples of chroot() usage I know make sure to drop
root privileges.

Also, what is a real world application for this argument? I think this
case is *VERY* esoteric.

-e.

-- 
Elad Efrat