Re: SG_IO and security

From: Linus Torvalds
Date: Thu Aug 12 2004 - 11:47:13 EST

Next message: Patrick Mansfield: "Re: [PATCH] SCSI midlayer power management"
Previous message: Jakub Vana: "Re: x86 - Realmode BIOS and Code calling module"
In reply to: Linus Torvalds: "Re: SG_IO and security"
Next in thread: Jeff Garzik: "Re: SG_IO and security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 12 Aug 2004, Linus Torvalds wrote:
>
> Hmm.. This still allows the old "junk" commands (SCSI_IOCTL_SEND_COMMAND).

Btw, I think the _right_ thing to check is the write access of the file
descriptor. If you have write access to a block device, you can delete the
data, so you might as well be able to do the raw commands. And that would
allow things like "disk" groups etc to work and burn CD's.

However, right now we don't even pass down the "struct file" to this
function. We probably should. Anybody willing to go through the callers?
(just a few callers, but things like cdrom_command() doesn't even have the
file, so it has to be recursive).

Linus
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Patrick Mansfield: "Re: [PATCH] SCSI midlayer power management"
Previous message: Jakub Vana: "Re: x86 - Realmode BIOS and Code calling module"
In reply to: Linus Torvalds: "Re: SG_IO and security"
Next in thread: Jeff Garzik: "Re: SG_IO and security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]