On Thu, 31 Aug 2000, Matthew Kirkwood wrote:
> On Thu, 31 Aug 2000, Tigran Aivazian wrote:
>
> > Actually, microcode driver checks CAP_SYS_RAWIO only on open() so it
> > would allow access to the receiver of fd even he has no CAP_SYS_RAWIO
> > privilege. Hmmm, maybe I should put it back into write() method, as
> > Linus (or someone else) did at some point (and I removed it)...
>
> Surely that's correct. Observe that root can send me
> an fd to /etc/shadow or /dev/kmem if it so chooses.
ok, you are right - probably that is what I was thinking when I removed
the capability check in ->write() :)
as for CAP_SYS_RAWIO in mtrr - our emails must have crossed in the air - I
said exactly the same thing to Arnaldo...
Regards,
Tigran
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Aug 31 2000 - 21:00:26 EST