On Sat, Jul 29 2006, Dave Jones wrote:
> > - only root can ever be allowed to generate commands that the kernel has
> > no clue what they are doing. NO WAY can we allow a user to generate
> > postentially hardware-changing special commands just because he can
> > access the CD-ROM (ie how would the kernel know that it's not a command
> > that says "rewrite the firmware with something that always reads goatse
> > off the disk"?)
>
> I had visions of extending verify_command() to be of the form..
>
> if (devicevendor==PLEXTOR) {
> safe_for_write(ENABLE_BURN_PROOF);
> safe_for_write(ENABLE_FROBNICATOR);
> }
> etc..
God Dave, that's horrible and completely unmaintanable! The main problem
with the device table right now is that it's completely kernel
controlled, thus burdening everybody with this policy. Lets get it fixed
instead of adding more warts to it.
--
Jens Axboe
-
: send the line "unsubscribe linux-scsi" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
