Well if you mean that a program that gets crazy and randomly
and by mistake can destroy the HD, then you are right, we need this patch.
But i doubt it will ever protect the drive from someone doing it
intentionally, either by writing a kernel module or putting a new kernel
or whatever.
Thats how I see it, if the point is to be compliant with the standard and
avoid the possibility of a random disaster then you are right in my
opinion. From the security point of view, i think that the problem is in
the drive itself that shouldnt allow destructive operations ( or give an
hardware way to disable them, a jumper on the drive for example).
- enrico
On Fri, 21 Jul 2000, Andre Hedrick wrote:
> On Fri, 21 Jul 2000, Enrico Demarin wrote:
>
> >
> > I would like to understand better the scope of the IDE-fry-drive issue:
> >
> > 1) how is going Andre's patch to protect from the case where
> > the malicious user compiles a kernel module (or recompiles the kernel),
> > eliminating his patch.
> >
> > As far as i can understand the patch would work only if the malicious
> > user gaining rood can't compile a kernel module or get a fresh kernel
> > source rebuild it without the patch and run it. that is no kernel-source,
> > no compilers, no ftp access to download compilers and kernel source, or
> > pre-compiled modules.
> >
> > The only case where it would help would be to prevent some buffer overflow
> > to a root process or some trojan horse to do the dirty job automatically.
>
> I do not understand........
>
> Andre Hedrick
> The Linux ATA/IDE guy
>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Jul 23 2000 - 21:00:17 EST