Does not matter........the patch is withdrawn......
Enjoy......
On Fri, 21 Jul 2000, Enrico Demarin wrote:
>
> Well if you mean that a program that gets crazy and randomly
> and by mistake can destroy the HD, then you are right, we need this patch.
> But i doubt it will ever protect the drive from someone doing it
> intentionally, either by writing a kernel module or putting a new kernel
> or whatever.
>
> Thats how I see it, if the point is to be compliant with the standard and
> avoid the possibility of a random disaster then you are right in my
> opinion. From the security point of view, i think that the problem is in
> the drive itself that shouldnt allow destructive operations ( or give an
> hardware way to disable them, a jumper on the drive for example).
>
> - enrico
>
>
> On Fri, 21 Jul 2000, Andre Hedrick wrote:
>
> > On Fri, 21 Jul 2000, Enrico Demarin wrote:
> >
> > >
> > > I would like to understand better the scope of the IDE-fry-drive issue:
> > >
> > > 1) how is going Andre's patch to protect from the case where
> > > the malicious user compiles a kernel module (or recompiles the kernel),
> > > eliminating his patch.
> > >
> > > As far as i can understand the patch would work only if the malicious
> > > user gaining rood can't compile a kernel module or get a fresh kernel
> > > source rebuild it without the patch and run it. that is no kernel-source,
> > > no compilers, no ftp access to download compilers and kernel source, or
> > > pre-compiled modules.
> > >
> > > The only case where it would help would be to prevent some buffer overflow
> > > to a root process or some trojan horse to do the dirty job automatically.
> >
> > I do not understand........
> >
> > Andre Hedrick
> > The Linux ATA/IDE guy
> >
>
Andre Hedrick
The Linux ATA/IDE guy
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Jul 23 2000 - 21:00:16 EST