Something that needs to be addressed before 5.0 is the insecure default permissions on many devices. For example, on my system, the following devices have insecure permissions on 5.0 (but not on 4.x with the default MAKEDEV settings):
crw-r--r-- 1 root operator 117, 0 Nov 18 14:49 acd0 crw-rw-rw- 1 root wheel 21, 1 Nov 18 14:49 psm0 crw-rw-rw- 1 root wheel 180, 0 Nov 18 14:49 nvidia0 (This one isn't part of FreeBSD, but I might as well report it now) crw-rw-rw- 1 root wheel 30, 3 Nov 14 21:30 dsp0.0 crw-rw-rw- 1 root wheel 30, 0x00010003 Nov 8 23:38 dsp0.1 crw-rw-rw- 1 root wheel 30, 5 Nov 8 23:38 dspW0.0 crw-rw-rw- 1 root wheel 30, 0x00010005 Nov 8 23:38 dspW0.1 crw-rw-rw- 1 root wheel 30, 11 Nov 8 23:38 dspr0.0 These have the same permissions on 4.x, but they're still insecure (unprivileged users can read from a microphone). I'm sure there are others I have missed. Could everyone please check their /dev (better, check the kernel source)? Kris
msg46904/pgp00000.pgp
Description: PGP signature
