W dniu 18 marca 2011 20:26 użytkownik Arnd Bergmann <arnd@xxxxxxxx> napisał: > On Friday 18 March 2011 18:56:53 Michał Mirosław wrote: >> If that's going to be used by possibly unprivileged userspace process, >> then this passthrough should filter and validate all commands it >> passes to hardware. If there is a possibility of some command sequence >> to generate undefined or otherwise unwanted results, then you need >> state tracker that will disallow that sequence to be generated by >> unprivileged process. > We have precedence for direct host commands in a few other > block drivers. In general, any user who can open the block > device can issue all commands unless they can directly destroy > the hardware. On normal systems, the only user that has write > access to block devices is root. In this case, a process having access to one partition can disrupt other partitions on the same card even if it has no access to them in any other way. It is not that unusual on "normal systems" to give write access to some partition or device to unprivileged users. Database volumes are one example. Best Regards, Michał Mirosław -- To unsubscribe from this list: send the line "unsubscribe linux-mmc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
