RE: /dev/io , /dev/mem : only used by Xorg?

• Previous message: Ted Mittelstaedt: "RE: /dev/io , /dev/mem : only used by Xorg?"
• In reply to: Rob: "Re: /dev/io , /dev/mem : only used by Xorg?"
• Next in thread: Ted Mittelstaedt: "RE: /dev/io , /dev/mem : only used by Xorg?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: "Rob" <spamrefuse@yahoo.com>, "FreeBSD questions" <freebsd-questions@freebsd.org>
Date: Mon, 28 Feb 2005 04:18:10 -0800

> -----Original Message-----
> From: owner-freebsd-questions@freebsd.org
> [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Rob
> Sent: Monday, February 28, 2005 3:11 AM
> To: FreeBSD questions
> Subject: Re: /dev/io , /dev/mem : only used by Xorg?
>
>
> What triggered my question, was what I found in the
> man page of io:
>
> The special file /dev/io is a controlled
> security hole that allows a process to gain
> I/O privileges (which are normally reserved
> for kernel-internal code).
>
> So I thought, if it's not needed (since I have no
> X installed), then it better should go.

If your server isn't chained to a steel post set in concrete then it
is a security risk to put data on it because someone might steal it
and read all your data.

Unfortunately, too many people read the words "security hole" and their
brain short-circuits and they stop thinking.

It is possible to argue that any possible thing you do in your life from
getting up in the morning and taking a dump to going to bed at night is
a security risk. It is possible to make people do a lot of ignorant and
stupid things (at least in the United States) right now by waving around
the security flag.

Just because something appears to not be used is no good reason for
removing it. If it really was useless it wouldn't be there in the
first place.

Ted
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"

• Previous message: Ted Mittelstaedt: "RE: /dev/io , /dev/mem : only used by Xorg?"
• In reply to: Rob: "Re: /dev/io , /dev/mem : only used by Xorg?"
• Next in thread: Ted Mittelstaedt: "RE: /dev/io , /dev/mem : only used by Xorg?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: What is the best affordable protection? ... >> Tell that to all the Red Hat users, and the MAC users, and the other HP ... problem with security as MS systems. ... The security hole first gained attention Tuesday after Secunia, ... Web link invokes the Help Viewer, which runs a script, executing a Unix ... (comp.security.misc) Re: Linux vs MS Security ... Okay, then simply compare the relative amount of internet servers ... The offhand comment that "anyone can find the weak spots" is too ... > security hole were out. ... (comp.os.linux) Re: New Windows virus you can get just by looking at a picture, info in here ... > The Microsoft Media Player "Rights" stuff added by the master salesman ... > Big Gates caused this yet another security hole in his products. ... that will tell you when to buy and sale stock. ... (misc.invest.stocks) Re: FW: Possible flaw in XFree? ... > consoles as each sonsole is the users responsibility, ... session, ... > It is a serious security hole, and, because of that should not ... (Vuln-Dev) Re: Is Linux a Security Time Bomb? ... XPs time bomb went off a long time ago. ... So why is there a SuSE security patch on average more than ... A patched security hole is no longer a security hole. ... The fact that security patches come out often is a good thing. ... (alt.os.linux.suse)