Re: ide-cd problems

From: Alan Cox
Date: Thu Aug 05 2004 - 17:33:30 EST

Next message: Alan Cox: "Re: Linux 2.6.8-rc3 - BSD licensing"
Previous message: Andrew Morton: "Re: [PATCH] RSS ulimit enforcement for 2.6.8"
In reply to: Jens Axboe: "Re: ide-cd problems"
Next in thread: Jens Axboe: "Re: ide-cd problems"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Iau, 2004-08-05 at 06:40, Jens Axboe wrote:
> Ok, that is definitely more acceptable. But then it should be done to
> CDROM_SEND_PACKET as well, and we risk breaking programs doing so (ie
> cdrecord run by user currently).

Definitely. Irrespective of any questions like filtering commands having
/dev device access allow you to compromise the entire system is not a
good model. CAP_SYS_RAWIO is the capability for "can do anything" so
seems appropriate here.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alan Cox: "Re: Linux 2.6.8-rc3 - BSD licensing"
Previous message: Andrew Morton: "Re: [PATCH] RSS ulimit enforcement for 2.6.8"
In reply to: Jens Axboe: "Re: ide-cd problems"
Next in thread: Jens Axboe: "Re: ide-cd problems"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]