Re: ssh tunnel tun device forwarding without root

From: J.C. Roberts
Date: Sunday, April 12, 2009 - 6:39 am

On Sun, 12 Apr 2009 15:29:57 +0300 Lars Noodén
<larsnooden@openoffice.org> wrote:


Since you don't have write access to the /dev directory, the attempted
move fails.

The thing to realize is a device file is really nothing more than a
pointer to a handling routine in the kernel. If you manage to change
what routine said pointer actually points to in the kernel (i.e. Major
and Minor number as displayed by ls), then there's a serious problem
because you're now executing the wrong code in the kernel.


crw--w----   1 jcr   tty         5,   8 Apr 12 05:58:17 2009 ttyp8
crw--w----   1 jcr   tty         5,   9 Apr 12 06:11:30 2009 ttyp9
crw--w----   1 jcr   tty         5,  10 Apr 12 06:14:51 2009 ttypa
crw--w----   1 jcr   tty         5,  11 Apr 12 06:14:51 2009 ttypb
crw--w----   1 jcr   tty         5,  12 Apr 12 06:14:51 2009 ttypc
crw-------   1 jcr   jcr        69,   1 Mar 29 22:20:59 2009 wskbd
crw-------   1 jcr   jcr        67,   0 Mar 29 22:20:59 2009 wskbd0
crw-------   1 jcr   jcr        69,   0 Mar 29 22:20:59 2009 wsmouse
crw-------   1 jcr   jcr        68,   0 Mar 29 22:20:59 2009 wsmouse0

The above shows some pseudo terminals (xterms) I have open, and the
last two (ttypb and ttypc) were opened for this test. I've got read and
write permissions to both of them.

	$ mknod -m 0600 ttypb c 5 12
	ksh: mknod: ttypb: Operation not permitted
	$

I tried to use mknod(8) (the same command used by MAKEDEV) to force the
ttypb device file to point to the same routine in the kernel where the
ttypc device file is pointing. Of course, it didn't work (as expected),
but that's the kind of scary stuff you need to watch out for when you
go mucking around with device files and permissions.

As long as you remember a device file is a pointer to executable code
in kernel space, you'll be appropriately fearful and cautious about messing
with them.

--
J.C. Roberts
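
Added example, not part of the original message: a read-only audit that groups device nodes by type, major and minor number and reports any kernel handler reachable through more than one name, which is the state the mknod(8) attempt above would have created for ttypb and ttypc. The function names and the sample entries are constructed for illustration; some aliases are legitimate, so the output is a list to review, not a verdict.

```python
import os
import stat
from collections import defaultdict

def device_id(mode, rdev):
    """Return ('c'|'b', major, minor) for a device node, else None."""
    if stat.S_ISCHR(mode):
        kind = "c"
    elif stat.S_ISBLK(mode):
        kind = "b"
    else:
        return None
    return (kind, os.major(rdev), os.minor(rdev))

def find_aliases(entries):
    """entries: iterable of (path, st_mode, st_rdev).
    Returns {device_id: sorted paths} for ids reachable via 2+ names."""
    by_id = defaultdict(list)
    for path, mode, rdev in entries:
        dev = device_id(mode, rdev)
        if dev is not None:
            by_id[dev].append(path)
    return {dev: sorted(p) for dev, p in by_id.items() if len(p) > 1}

def scan(directory="/dev"):
    """Collect (path, mode, rdev) without following symlinks or opening nodes."""
    found = []
    for entry in os.scandir(directory):
        try:
            st = entry.stat(follow_symlinks=False)
        except OSError:
            continue  # node vanished or is unreadable; skip it
        found.append((entry.path, st.st_mode, st.st_rdev))
    return found

# Constructed sample mirroring the listing: ttypb recreated as "c 5 12"
# would collide with ttypc, which already owns major 5, minor 12.
SAMPLE = [
    ("ttypa", stat.S_IFCHR | 0o620, os.makedev(5, 10)),
    ("ttypb", stat.S_IFCHR | 0o600, os.makedev(5, 12)),
    ("ttypc", stat.S_IFCHR | 0o620, os.makedev(5, 12)),
    ("wskbd0", stat.S_IFCHR | 0o600, os.makedev(67, 0)),
    ("notes.txt", stat.S_IFREG | 0o644, 0),
]

if __name__ == "__main__":
    for dev, paths in sorted(find_aliases(scan()).items()):
        print("%s %d,%d: %s" % (dev + (", ".join(paths),)))
```

Run as a script it scans /dev on the local machine; `find_aliases(SAMPLE)` shows the collision on the constructed entries.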

Messages in current thread:
ssh tunnel tun device forwarding without root, Lars Noodén, (Sat Apr 11, 8:33 am)
Re: ssh tunnel tun device forwarding without root, Lars Noodén, (Sat Apr 11, 10:29 am)
Re: ssh tunnel tun device forwarding without root, Alexander Hall, (Sun Apr 12, 5:13 am)
Re: ssh tunnel tun device forwarding without root, Lars Noodén, (Sun Apr 12, 5:29 am)
Re: ssh tunnel tun device forwarding without root, J.C. Roberts, (Sun Apr 12, 6:39 am)