Re: ide-cd problems

From: Jens Axboe
Date: Fri Aug 06 2004 - 00:46:48 EST

Next message: Joerg Schilling: "Re: PATCH: cdrecord: avoiding scsi device numbering for ide devices"
Previous message: Christian Borntraeger: "Re: [irda-users] [PATCH] Add PCI-dependency for donauboe irda driver"
In reply to: Alan Cox: "Re: ide-cd problems"
Next in thread: Alan Cox: "Re: ide-cd problems"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Aug 05 2004, Alan Cox wrote:
> On Iau, 2004-08-05 at 06:40, Jens Axboe wrote:
> > Ok, that is definitely more acceptable. But then it should be done to
> > CDROM_SEND_PACKET as well, and we risk breaking programs doing so (ie
> > cdrecord run by user currently).
>
> Definitely. Irrespective of any questions like filtering commands having
> /dev device access allow you to compromise the entire system is not a
> good model. CAP_SYS_RAWIO is the capability for "can do anything" so
> seems appropriate here.

We risk breaking lots of programs, but it might be the best option yes.

--
Jens Axboe

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Joerg Schilling: "Re: PATCH: cdrecord: avoiding scsi device numbering for ide devices"
Previous message: Christian Borntraeger: "Re: [irda-users] [PATCH] Add PCI-dependency for donauboe irda driver"
In reply to: Alan Cox: "Re: ide-cd problems"
Next in thread: Alan Cox: "Re: ide-cd problems"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]