Well, that would _have_ to be the case, right now you give read access to
every single device exported this way. Not acceptable.

I really suspect that it would be better to not export the device itself,
but export just device data. In particular, that avoids the security
issues altogether, and it's most likely what a hotplug agent really wants
anyway (and the pure node is useless without a hotplug agent, as the
default kernel permissions would have to be so anal as to make it not
interesting).

So I'd suggest you just export a text-file that describes the thing.
Something like

 - legacy name (the kernel knows about these anyway, see /proc/mounts and
   friends)
 - major number, minor number and char vs block

that way a simple script can just basically do the equivalent of "MAKEDEV"
at hotplug time using the legacy name as a key to whatever permission and
ownership heuristics it has (the way MAKEDEV already does)

		Linus
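
A sketch of the hotplug-time script the mail describes, added here as an example and not taken from the mail or from any kernel or MAKEDEV code. The `key=value` description format, the `policy` table and the function names are assumptions; the script prints the commands instead of running them, since `mknod` needs root.

```shell
#!/bin/sh
# Added example: the description-file format (name=/type=/major=/minor=) is an
# assumption; the mail only lists which fields to export.

# policy NAME -> "owner group mode", keyed on the legacy name as MAKEDEV does.
# Anything unrecognised falls through to root-only access.
policy() {
    case "$1" in
        hd[a-z]*|sd[a-z]*) echo "root disk 0660" ;;
        ttyS[0-9]*)        echo "root dialout 0660" ;;
        null|zero)         echo "root root 0666" ;;
        *)                 echo "root root 0600" ;;
    esac
}

# plan_node: read a description on stdin, print the commands a hotplug agent
# would run. Returns 1 (printing nothing) if any field is missing or malformed.
plan_node() {
    name= type= major= minor=
    while IFS='=' read -r key val; do
        case "$key" in
            name)  name=$val ;;
            type)  type=$val ;;
            major) major=$val ;;
            minor) minor=$val ;;
        esac
    done
    # The name becomes a path under /dev: allow only a conservative charset.
    case "$name" in ''|*[!A-Za-z0-9_]*) return 1 ;; esac
    case "$major" in ''|*[!0-9]*) return 1 ;; esac
    case "$minor" in ''|*[!0-9]*) return 1 ;; esac
    case "$type" in
        block) t=b ;;
        char)  t=c ;;
        *)     return 1 ;;
    esac
    set -- $(policy "$name")
    echo "mknod -m $3 /dev/$name $t $major $minor"
    echo "chown $1:$2 /dev/$name"
}

# Constructed sample description for the first partition of an IDE disk.
sample='name=hda1
type=block
major=3
minor=1'
printf '%s\n' "$sample" | plan_node
```

Passing the mode to `mknod -m` sets the permissions when the node is created, so the node never exists with umask-derived access before the policy is applied.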