From: John Calixto <john.calixto@modsystems.com>
To: "Michał Mirosław" <mirqus@gmail.com>
Cc: Arnd Bergmann <arnd@arndb.de>, linux-mmc@vger.kernel.org, cjb@laptop.org
Subject: Re: [PATCH resend] mmc: Added ioctl to let userspace apps send ACMDs
Date: Tue, 22 Mar 2011 17:44:29 -0700 (PDT) [thread overview]
Message-ID: <alpine.DEB.2.00.1103221741140.30367@peruna> (raw)
In-Reply-To: <AANLkTikHzG3j8oT_aqZ5VAGFxyBBShyPzQTZxvxwkuff@mail.gmail.com>
[-- Attachment #1: Type: TEXT/PLAIN, Size: 735 bytes --]
On Wed, 23 Mar 2011, Michał Mirosław wrote:
> When you grant write access to a device to some user, you should
> expect that it is all you are granting. There shouldn't be any hidden
> doors that, for example, if underlying device is SD card then you can
> destroy it by this ioctl(). Not counting wearing or WORM-like media,
> writes (also erasing, changing encryption keys, etc.) are undoable.
> Other forms of access should be granted separately (by capabilities or
> other means).
>
Fair enough. I'm not aware enough of the other ACMDs that might
actually destroy the card (nothing I'm using will destroy the card), so
I'll be sure to hook it with CAP_SYS_ADMIN (or whatever capability is
most appropriate).
John
next prev parent reply other threads:[~2011-03-23 0:44 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-03-17 18:28 [PATCH resend] mmc: Added ioctl to let userspace apps send ACMDs John Calixto
2011-03-17 18:35 ` Ben Dooks
2011-03-17 21:55 ` Arnd Bergmann
2011-03-18 17:32 ` John Calixto
2011-03-18 17:56 ` Michał Mirosław
2011-03-18 19:26 ` Arnd Bergmann
2011-03-19 17:36 ` Michał Mirosław
2011-03-19 19:00 ` Arnd Bergmann
2011-03-21 18:37 ` John Calixto
2011-03-21 23:16 ` Michał Mirosław
2011-03-22 22:31 ` John Calixto
2011-03-23 0:18 ` Michał Mirosław
2011-03-23 0:44 ` John Calixto [this message]
2011-03-23 7:57 ` Arnd Bergmann
2011-03-18 19:25 ` Arnd Bergmann
2011-03-18 22:06 ` [PATCH resend] mmc: Added ioctl to let userspace apps send ACMD John Calixto
2011-03-19 11:52 ` Arnd Bergmann
2011-03-20 2:12 ` John Calixto
2011-03-20 5:11 ` Michał Mirosław
2011-03-21 12:25 ` Arnd Bergmann
2011-03-21 14:26 ` Andrei Warkentin
2011-03-21 18:22 ` John Calixto
2011-03-19 0:24 ` [PATCH resend] mmc: Added ioctl to let userspace apps send ACMDs John Calixto
2011-03-19 9:42 ` Arnd Bergmann
2011-03-19 16:09 ` Chris Ball
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.DEB.2.00.1103221741140.30367@peruna \
--to=john.calixto@modsystems.com \
--cc=arnd@arndb.de \
--cc=cjb@laptop.org \
--cc=linux-mmc@vger.kernel.org \
--cc=mirqus@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox