On 1/3/06, Ian Jackson <[EMAIL PROTECTED]> wrote: > (AFAICT, for example, if the permissions have been configured locally > somehow to be something like 0600 the configure option would result in > a brief moment of 0660, which might be a security problem.)
Wouldn't that only be the case if (a) devmapper is invoked with the default options? (b) some untrusted account has permission to use the disk group? Of course, I guess a part of the issue here is that devmapper is invoked automatically with the default options. But nothing requires that any user have access to the disk group. I'm not sure what happens if the "disk" group doesn't exist. Perhaps for that case, devmapper should fall back to 600 permissions and group 0? -- Raul
