October 3rd, 2004

Finally committed my nvram driver. I have my tpb port ready but since i made the /dev/nvram device owned by group kmem and mode 440, tpb has to run setgid kmem which might not fly so well. I looked at the code and I don't see any easy way to drop privileges since it has to open /dev/nvram, read it, and close it every time it polls. I'll post it to ports@ and see what people have to say.

tpb makes no mention of how the permissions should be handled and Linux's NVRAM driver is 640, owned by root.root. Maybe tpb needs privsep. Ugh.

Questions or comments?
Please feel free to contact me.