On Mon, 8 May 2000, Igmar Palsenberg wrote:
[Securing system binaries with securelevels]
> I think that directly accessing /dev/hd or sd should also fall under the
> restricted operation..
The securelevels spec also states this. Readonly access in singleuser
mode, No access in multiuser.
> However, I think this breaks programs such as dump
dumping a device directly is evil, as the filesystem metadata can change
anytime (and usually will). So I don't think this will harm people too
much.
> > Good question. What is its use? (Hint: I know how the accelerated X
> > servers work.)
> Directly accessing PCI memory I think in that case :)
Most graphics hardware can directly access all memory, so you can use it
to circumvent the MMU. This is really bad IMO.
Simon
-- PGP public key available from http://phobos.fs.tum.de/pgp/Simon.Richter.asc Fingerprint: 10 62 F6 F5 C0 5D 9E D8 47 05 1B 8A 22 E5 4E C1 Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread!- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon May 15 2000 - 21:00:11 EST