Re: write-permission check for root

• Next message: James Simmons: "Re: 2.5.21 no source for several objects"
• Previous message: Robbert Kouprie: "RE: The buggy APIC of the Abit BP6"
• In reply to: Richard B. Johnson: "Re: write-permission check for root"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

dick,

> > i was wondering if if it's reasonable to disable root write access
> > for procfs,driverfs files (which have file permissions set to read
> > only)
>
> It is never reasonable. Check what root can do with any file...

yes, for the normal filesystem it's reasonable - procfs and driverfs
are a different thing. (if you want everyone just to read the value,
you mean everyone - even root)

procfs _does_ implement a check for that, it's only driverfs which doesn't
(for now) ... and i just wanted to know if there's a reason for that.

--snip/snip

> The ability for root to do anything, including ignoring file-permissions,
> is not going to go away.

it is gone already. (try to change /proc/version ;), also the capabilities
are there to not allow _everything_ for root (but that's not neccesarily an
fs issue)

thanks,

        tm

-- 
in some way i do, and in some way i don't.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

• Next message: James Simmons: "Re: 2.5.21 no source for several objects"
• Previous message: Robbert Kouprie: "RE: The buggy APIC of the Abit BP6"
• In reply to: Richard B. Johnson: "Re: write-permission check for root"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sat Jun 15 2002 - 22:00:28 EST