Re: Direct access to hardware

Khimenko Victor (khim@sch57.msk.ru)
Sat, 22 Jul 2000 21:15:26 +0400 (MSD)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Khimenko Victor: "Re: TO HELL WITH IT THEN......(re: disk-destroyer.c)"
Previous message: Khimenko Victor: "Re: disk-destroyer.c"
Maybe in reply to: Ville Herva: "Direct access to hardware"
Next in thread: Linus Torvalds: "Re: Direct access to hardware"
Next in thread: Bartlomiej Zolnierkiewicz: "Re: TO HELL WITH IT THEN......(re: disk-destroyer.c)"

In <Pine.LNX.4.21.0007211543460.12570-100000@anime.net> Dan Hollis (goemon@sasami.anime.net) wrote:
> On Sat, 22 Jul 2000, Ville Herva wrote:
>> So, would it be feasible to make it possible to disable direct hardware
>> access (/dev/mem, /dev/nvram, HD ioctls, what else?) completely in kernel
>> config?

> I would certainly feel better if this were possible, in which case Andre's
> patch would be more reasonable.

> If you can't bit-bang hardware directly, and kernel API is the only access
> to devices, then it's easier to secure.

> As long as raw hardware access is possible, no amount of kernel API
> parameter checking will protect you from malicious programs. (I think,
> this is a point the GGI guys try to make)

> What userspace programs still require direct raw access to hardware? Only
> X servers?

X servers, DOSEMU, VMWare (it installes kernel module so perhaps it's userspace
part does not need such access).

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Khimenko Victor: "Re: TO HELL WITH IT THEN......(re: disk-destroyer.c)"
Previous message: Khimenko Victor: "Re: disk-destroyer.c"
Maybe in reply to: Ville Herva: "Direct access to hardware"
Next in thread: Linus Torvalds: "Re: Direct access to hardware"
Next in thread: Bartlomiej Zolnierkiewicz: "Re: TO HELL WITH IT THEN......(re: disk-destroyer.c)"