Re: [PATCH-NEW] allow root to modify raw scsi command permissions list
From: Marc Ballarin (Ballarin.Marc_at_gmx.de)
Date: 09/16/04
- Previous message: Andre Tomt: "Re: [sata] new libata-dev-2.6 queue created (AHCI, SATA bridges)"
- In reply to: Alan Cox: "Re: [PATCH-NEW] allow root to modify raw scsi command permissions list"
- Next in thread: Peter Jones: "Re: [PATCH-NEW] allow root to modify raw scsi command permissions list"
- Reply: Peter Jones: "Re: [PATCH-NEW] allow root to modify raw scsi command permissions list"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Thu, 16 Sep 2004 01:33:51 +0200 To: Alan Cox <alan@lxorguk.ukuu.org.uk>
On Wed, 15 Sep 2004 22:38:47 +0100
Alan Cox <alan@lxorguk.ukuu.org.uk> wrote:
> You need to check for capable(CAP_SYS_RAWIO) otherwise you elevate
> anyone with access bypass capabilities to CAP_SYS_RAWIO equivalent
> powers.
True. File permissions aren't enough.
Will something like this suffice?
static ssize_t rcf_store_write(struct rawio_cmd_filter *rcf, const char *page,
size_t count)
{
...
if (!capable(CAP_SYS_RAWIO))
return -EPERM;
while(i < RCF_MAX_NR_CMDS)
clear_bit(i++, rcf->write_ok);
...
Regards
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
- Previous message: Andre Tomt: "Re: [sata] new libata-dev-2.6 queue created (AHCI, SATA bridges)"
- In reply to: Alan Cox: "Re: [PATCH-NEW] allow root to modify raw scsi command permissions list"
- Next in thread: Peter Jones: "Re: [PATCH-NEW] allow root to modify raw scsi command permissions list"
- Reply: Peter Jones: "Re: [PATCH-NEW] allow root to modify raw scsi command permissions list"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
