Dave Jones <davej@suse.de>:
> > Consider the lives of people administering large server farms or
> > clusters. Their hardware is not necessarily homogenous, and the
> > ability to query the DMI tables on the fly could be useful both
> > for administration and automatic process migration.
>
> Given that 'dmidecode' works fine in those circumstances, that's still
> not a convincing argument imo.
But only for people and programs with root privileges. It all turns
then, on whether we want to insist that all software doing hardware
probing must have root privileges to function.
I submit that the answer is "no" -- the right direction, for security
and other reasons, is to make *fewer* capabilities dependent on root
privileges rather than more, and to reject design approaches that
imply creating more suid programs to give ordinary users capabilities
that involve only *reading* config information.
There is already stuff in /proc that seems to be there for precisely this
reason. So /proc/dmi would hardly be a violation of norms.
-- <a href="http://www.tuxedo.org/~esr/">Eric S. Raymond</a>Everything that is really great and inspiring is created by the individual who can labor in freedom. -- Albert Einstein, in H. Eves Return to Mathematical Circles, Boston: Prindle, Weber and Schmidt, 1988. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Jan 07 2002 - 21:00:18 EST