The special file
/dev/io
is a controlled security hole that allows a process to gain I/O
privileges
(which are normally reserved for kernel-internal code).
Any process that holds a file descriptor on
/dev/io
open will get its
IOPL
bits in the flag register set, thus allowing it to perform direct
I/O operations.
This can be useful in order to write userland
programs that handle some hardware directly.
Note that even read-only access will grant the full I/O privileges.
In addition to any file access permissions on
/dev/io
the kernel enforces that only the super-user may open this device.
