Re: [PATCH] New phys_addr() syscall

Richard Gooch (Richard.Gooch@atnf.CSIRO.AU)
Mon, 20 Jul 1998 08:53:20 +1000


Olivier Galibert writes:
> On Sun, Jul 19, 1998 at 02:24:15PM +0200, Alexander Kjeldaas wrote:
> > If this is only useful for specialized utilities, I suggest you check
> > for capable(CAP_SYS_ADMIN) in the system call.
>
> Relying on the fact that a process not having the capability is unable
> to know the physical address of a virtual page is nothing but security
> through obscurity. Linux' security is not snake oil.
>
> Besides, it would require giving a special capability to processes
> needing the system call for nothing more than display purposes, which
> increases the number of potential security flaws while not adding real
> security.
>
> Hence, bad idea.

Amen. Let's not jump to restricting things by default.

Regards,

Richard....
