On Wed, Mar 08 2006, James Bottomley wrote: > On Wed, 2006-03-08 at 00:14 -0800, akpm@xxxxxxxx wrote: > > From: Thomas Maguin <T.Maguin@xxxxxx> > > > This patch allows normal users to eectute some Plextor drives > > commands: > > > > - Hide CD-R > > - SingleSession > > - SpeedRead > > - PowerRec > > - VariRec > > - GigaRec > > > > This one just isn't safe. We can't add vendor specific commands to the > permissions table because they mean different things to different > vendors ... get mode on one could be halt and catch fire on another, so > the whole concept of safety via command verification is lost. > > I don't happen to believe in this type of command verification anyway, > so I'd be perfectly happy to switch this over to a better facility (like > capabilities), but while you're claiming to vet commands, you have to be > logically correct (which means no vendor specific commands). I have to agree, unfortunately... Perhaps this is some motivation to get the fs permission table into the mainline kernel for 2.6.17. It's the 'cmdfilter' branch of the git block repo. Then we could finally get rid of this ugly command table. -- Jens Axboe - : send the line "unsubscribe linux-scsi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
