Re: [PATCH RFC 2/2] mtd: ubi: add support for protecting critical volumes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



----- Ursprüngliche Mail -----
> Von: "chengzhihao1" <chengzhihao1@xxxxxxxxxx>
>>> Von: "Daniel Golle" <daniel@xxxxxxxxxxxxxx>
>>> Allow the boot firmware to define volumes which are critical for the
>>> system to boot, such as the bootloader itself if stored inside a UBI
>>> volume. Protect critical volumes by preventing the user from removing,
>>> resizing or writing to them, and also prevent the UBI device from
>>> being detached if a critical volume is present.
>> 
>> I agree with the doubts raised in patch 1/2, if userspace is so hostile
>> to delete system partitions, there is little hope.
>> But I'm still open for discussion.
> 
> Yes, I agree that it is meaningful to prevent user from operating
> volumes accidently. How about doing that by some existing methods? Eg.
> selinux(Design sepolicy for ioctl cmd).

Another thought, do we really need to enforce this in kernel space?
Teaching ubi-tools to be super careful with some volumes is also an option.

like a ubirmvol ... --i-know-what-im-doing.

Thanks,
//richard






[Index of Archives]     [Device Tree Compilter]     [Device Tree Spec]     [Linux Driver Backports]     [Video for Linux]     [Linux USB Devel]     [Linux PCI Devel]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [XFree86]     [Yosemite Backpacking]


  Powered by Linux