Re: [OT] Joerg Schilling flames Linux on his Blog

[Joerg Schilling]

Bodo Eggert <7eggert@xxxxxx> wrote:

> On Thu, 26 May 2005, Alexander E. Patrakov wrote:
> > Bodo Eggert wrote:
>
> > >So we can
> > >
> > >1) give up and let any application with write access destroy the hardware
>
> > That won't be a problem if all apps with write access are running as 
> > root or setuid and thus the list of them is well-controlled by root.
>
> And if all these apps are guaranteed to have no buffer-overflow or other 
> exploits.

If you cleanly separate the ability to send SCSI commands from the ability
to write to a UNIX block or raw devive, you only need to check the programs
that explicitly need to send SCSI commands.

In former times, Linux did have this kind of clean separation between
e.g. /dev/sd0 and /dev/sg0. Just go back to the clean old model...

This could easily be done: Remove SG_IO from the list of ioctl functions
supported by drivers like /dev/sd0 and /dev/hda fix the bugs in ide_scsi.



Jörg

-- 
 EMail:joerg@xxxxxxxxxxxxxxxxxxxxxxxxxxx (home) Jörg Schilling D-13353 Berlin
       js@xxxxxxxxxxxxxxx		(uni)  
       schilling@xxxxxxxxxxxxxxxxxxx	(work) Blog: http://schily.blogspot.com/
 URL:  http://cdrecord.berlios.de/old/private/ ftp://ftp.berlios.de/pub/schily
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/