2 General Questions: device Files and fsck

[Ciralia]

I have searched through the internet trying to find the answer to these questions, but no luck. The first one is about device files. I know it is best to not have user permissions to view these files, but why shouldn't a user be able to create a device file? I read somewhere that if they can view them they might be able to see unencrypted passwords, but why not create?

Second question about fsck. If I have a mounted disk partition, why shouldn't I use fsck on it? Example: The user's home directory called /home is mounted, and then I use fsck /dev/... blah blah blah, you get the idea.

Thank you for your help.

 

[bfitzmai]

1. Users can create device file using command devfsadm.
2. fsck can be run by users. By default, fsck has execute privileges for everyone.

 

[Ciralia]

Thanks for the reply, but I wasn't asking if it was possible to do these things, I was asking why it wasn't good to do them. =)

 

[bfitzmai]

One thing standard users do not have the privileges of doing is mount/unmount file systems. Because of this running fsck on a mounted file system could cause data to become corrupted or lost.

I don't see any reason why a user could not run devfsadm.