Re: Problem with the privileges of the KEXT package...
Re: Problem with the privileges of the KEXT package...
- Subject: Re: Problem with the privileges of the KEXT package...
- From: Pelle Johansson <email@hidden>
- Date: Thu, 30 May 2002 13:48:55 +0200
onsdagen den 29 maj 2002 kl 18.05 skrev Dean Reece:
On Wednesday, May 29, 2002, at 03:55 AM, Stiphane Sudre wrote:
On Wednesday, May 29, 2002, at 09:17 AM, Kevin Van Vechten wrote:
Moreover than making the KEXT inaccessible to the group, it probably
should not be in /Library/, since that is (and should be) group
writable, limiting the effectiveness of any permissions to the KEXT.
A purist such as myself would contend that KEXTs belong in
/System/Library/Extensions, owned by root:wheel.
The KEXT system was designed to load KEXTs from anywhere as long as
their ownership & permissions were acceptable.
If /Library/ is made sticky, and then Extensions set 755, it could
reasonably be said that /Library/Extensions/ has strict enough
privileges, without impeding too much on the usability. Is this
something you have considered? You would still need to be root to
install/remove KEXTs of course, but at least they won't be in /System/.
--
Pelle Johansson
<email@hidden>
_______________________________________________
darwin-kernel mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/darwin-kernel
Do not post admin requests to the list. They will be ignored.