>On Mon, Mar 11, 2002 at 09:37:23PM -0500, Jeff Garzik wrote:
>
>>It serves to encourage openness, nobody is forced to use it, and it
>>provides an additional layer of protection for those that choose to use
>>it. That is the point.
>>
>
>It doesn't provide any meaningful protection, that's the point.
>
>If you're root/have CAP_SYS_RAWIO, you can bit-bang the interface, you
>can patch out the filter from the kernel binary, you can do whatever
>pleases you. Don't run evil programs as root in the first place. And
>if you want to have finer-grained capabilities for specific
>drive-level actions, create an higher-level interface for them which
>will guarantee that only safe commands are used because they will be
>
Under more restricted domains, root cannot bit-bang the interface.
s/CAP_SYS_RAWIO/CAP_DEVICE_CMD/ for the raw cmd ioctl interface. Have
the OS trap I/O port accesses using SMM mode if you would like, and that
applies to your particular security situation.
The filter is useful for other reasons like correctness, as well.
Jeff
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/