An example mdev.conf
Cathey, Jim
jcathey at ciena.com
Wed Nov 11 01:07:59 UTC 2009
>To clarify: you currently use mdev to create directories in /dev using
>permissions other than 755?
I don't think we (currently) use mdev to make directories in
there at all, but if we did, they'd probably need to be g=u.
We have user accounts with permission levels, any account at
a given level has explicit permission to mess with anything
else at that level. Basically we only want group/world
permissions, not user. So we make all permissions g=u and
that works for 99% of it. (There are a few superuser-only
things that we have to explicitly wrap sudo's around, and/or
use suid root bits.) All like-permissioned accounts are in
the same group, and default umasks are 002. Still possible
for the savvy user to chmod the 020 bits off and thus 'protect'
things he shouldn't, but that's not much of a problem in practice.
>Any way I could see your current mdev.conf to add it to the pile?
Here's what one of them (the smallest) has:
core 0:0 660
kmem 0:0 664
dying_gasp 0:0 666 >wirq
wwp_leds 0:0 666 >wled
urandom 0:0 444
.* 0:0 666
-- Jim
More information about the busybox
mailing list