dragoran <dragoran@xxxxxxxxxxxxxxx> writes: > how could this lets a user become root? Compromising firmware of one device on IDE bus = at least compromising both master and slave. > did one of this ever happend before 2.6.8.1 ? > become root -> I am sure that this never happend (using a scsi command) How about some proof? Security is not about "being sure". > 2 one possible but in that case we should block the commands that can > damage the drive simply blocking almost all commands is no solution.... How do you know which commands are dangerous? There is no standard for that. Chances are the standard commands are safe but nothing more. -- Krzysztof Halasa -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
