Re: ide-cd problems - Jens Axboe

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Jens Axboe <axboe@suse.de>
To: Alan Cox <alan@lxorguk.ukuu.org.uk>,
	Zinx Verituse <zinx@epicsol.org>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: ide-cd problems
Date: Fri, 6 Aug 2004 17:13:10 +0200	[thread overview]
Message-ID: <20040806151309.GH23263@suse.de> (raw)
In-Reply-To: <20040806151455.GE29393@discworld.dyndns.org>

On Fri, Aug 06 2004, Charles Cazabon wrote:
> Jens Axboe <axboe@suse.de> wrote:
> > On Fri, Aug 06 2004, Alan Cox wrote:
> > > 		default:
> > > 			if(capable(CAP_SYS_RAWIO))
> > > 			/* Only administrators get to do arbitary things */
> > 
> > That's the case I don't agree with, and why I didn't like the idea
> > originally. That suddenly requires a patching of the kernel because of
> > new commands in new devices. Like when dvd readers became common, you
> > can't just require people to update their kernel because a few new
> > commands are needed to drive them from user space.
> 
> The problem is that what if one of the new commands is IGNITE_PLATTER?
> Unknown commands can do anything, are therefore extremely dangerous,
> and should be restricted.

Well yes, that's exactly why there is a discussion. As I have written
before, filtering cannot be perfect exactly because of this. Either you
leave unknown commands unfiltered (and risk a problem with new commands
until you update your kernels), or you add the _policy_ to filter
unknown commands and risk not working with new devices for no good
reason.

And if you really want to try and cover everything, you want to add
filtering tables per _device_. Which is basically impossible to do, and
is completely unmaintainable.

But I've already stated that before.

-- 
Jens Axboe

next prev parent reply	other threads:[~2004-08-06 15:14 UTC|newest]

Thread overview: 52+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-07-30 19:36 ide-cd problems Zinx Verituse
2004-07-31 15:36 ` Jens Axboe
2004-07-31 18:27   ` Zinx Verituse
2004-07-31 20:00     ` Jens Axboe
2004-07-31 21:02       ` Zinx Verituse
2004-08-01  4:07         ` Alexander E. Patrakov
2004-08-01 15:57           ` Jens Axboe
2004-08-02  3:20             ` Horst von Brand
2004-08-02 12:25               ` Jens Axboe
2004-08-02 20:44               ` Bill Davidsen
2004-08-02 13:45             ` tabris
2004-08-02 13:56               ` Jens Axboe
2004-08-02 14:26                 ` Andreas Metzler
2004-08-02 14:33                   ` Jens Axboe
2004-08-02 14:38                 ` tabris
2004-08-02 14:50                   ` Jens Axboe
2004-08-02 16:30           ` Bill Davidsen
2004-08-03  7:17             ` Jens Axboe
2004-08-02 17:16         ` Zinx Verituse
2004-08-05  5:40         ` Jens Axboe
2004-08-05 21:06           ` Alan Cox
2004-08-06  5:44             ` Jens Axboe
     [not found]               ` <20040806062331.GE10274@suse.de>
2004-08-06 12:14                 ` Alan Cox
2004-08-06 14:32                   ` Jens Axboe
2004-08-06 15:14                     ` Charles Cazabon
2004-08-06 15:13                       ` Jens Axboe [this message]
2004-08-07 14:01                       ` Alan Cox
2004-08-06 17:26                     ` dleonard
2004-08-06 22:47                       ` Jens Axboe
2004-08-07 14:04                         ` Alan Cox
2004-08-07 21:54                           ` Alan Cox
2004-08-07  3:11                     ` Jason L Tibbitts III
2004-08-09  8:39                       ` Jens Axboe
2004-08-07 14:08                     ` Alan Cox
2004-08-09  8:49                       ` Jens Axboe
2004-08-02 23:54       ` Alan Cox
2004-08-03  5:53         ` Jens Axboe
2004-08-03 16:17           ` Zinx Verituse
2004-08-04  5:01             ` Jens Axboe
2004-08-05 15:52               ` Alan Cox
2004-08-05 17:46                 ` Jens Axboe
2004-08-05 20:58                   ` Alan Cox
2004-08-05 18:53                 ` Bill Davidsen
2004-08-05 18:46           ` Bill Davidsen
2004-08-05 19:35             ` Jens Axboe
2004-08-05 21:02               ` Alan Cox
2004-08-06  5:42                 ` Jens Axboe
2004-08-03 15:28         ` Doug Maxey
2004-08-03 17:28           ` Alan Cox
2004-08-09 20:24       ` Bill Davidsen
2004-08-02 16:41   ` Bill Davidsen
2004-08-03 15:50     ` Horst von Brand

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20040806151309.GH23263@suse.de \
    --to=axboe@suse.de \
    --cc=alan@lxorguk.ukuu.org.uk \
    --cc=linux-kernel@vger.kernel.org \
    --cc=zinx@epicsol.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.