Devices must failsafe from a security point of view in the absense of
a devfsd. Otherwise there will extreme opposition from the security
officer. This means 0600 or more restrictive permissions. While it
doesn't happen often, it must be designed for. Otherwise you've
replaced a secure, predictible system with an insecure one, which is
not acceptible at all in the base FreeBSD product.
How permissions are saved, devices are given out for use I don't care
too much about so long as it is secure.
In general, it is very hard to secure a system where things aren't
predictable.
Warner
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
