On Mon, Aug 23, 2004 at 12:50:26PM +0200, David Zeuthen wrote: > But.. without access to block devices, how do propose we detect media > changes then? If you don't have permission you leave it alone would be the obvious answer. There is another problem with opening all the devices and polling too. I have 17 CD-ROM slots attached to one PC. As they are multichangers it'll take you about 2 minutes to poll them all as well as ruining anything they were doing. Any multichanger shouldn't be polled this way. > Sure, it's an attack vector, however keep in mind that hald uses D-BUS > as IPC and D-BUS is specifically designed to be secure and validate the > messages that come through. and sendmail was formally audited and BR14 had no bugs. Adding attack vectors is bad but if HAL only has permissions for the drives it needs then it doesnt seem too big a problem. > > Also one of my machines is logging the following repeatedly: > > Aug 23 20:31:14 community kernel: hdc: packet command error: error=0x50 > > Aug 23 20:31:14 community kernel: cdrom: open failed. Hal is triggering errors trying to open drives with no media. Probably hal should keep the CD-ROM open, flip doorlock back off and use ATA media sense packets. Thats horrible stuff to do unfortunately.
