On Wednesday 23 March 2011, John Calixto wrote: > > On Wed, 23 Mar 2011, MichaÅ MirosÅaw wrote: > > When you grant write access to a device to some user, you should > > expect that it is all you are granting. There shouldn't be any hidden > > doors that, for example, if underlying device is SD card then you can > > destroy it by this ioctl(). Not counting wearing or WORM-like media, > > writes (also erasing, changing encryption keys, etc.) are undoable. > > Other forms of access should be granted separately (by capabilities or > > other means). > > > > Fair enough. I'm not aware enough of the other ACMDs that might > actually destroy the card (nothing I'm using will destroy the card), so > I'll be sure to hook it with CAP_SYS_ADMIN (or whatever capability is > most appropriate). The standard defines some commands as vendor-specific. A typical use case for these would be a way to update the firmware on the embedded microcontroller of the card. Overwriting that firmware with garbage would be an obvious way to brick the card. Arnd -- To unsubscribe from this list: send the line "unsubscribe linux-mmc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
