On Thu, 20 Jul 2000, Ricky Beam wrote:
> On Thu, 20 Jul 2000, Andre Hedrick wrote:
> >> > Here is the rouge program that can be slipped into CRON.
> >> > A perl script......you name the access point and it gets permission
> >> > KISS your DATA GONE!
> >> >
> >>
> >> it needs root right? so with this util root can trash the disk.. so what's
> >> new?
> >
> >All you have to do is trick the kernel into thinking the access is root.
>
> And all I have to do is "trick the kernel" into sending five bytes to your
> ATAPI or SCSI drive and it'll be chicken-fried! (12 bytes to some drives and
> it'll be on it's way back to the factory for a new flash rom.)
This is why unresticted taskfile commands to ATA or SCSI must be filtered.
You make the point ever stronger. With the patch for ATA and diagnostic
TASK commands not enabled. the kernel can prevent what you are saying can
be done. Thus the stakes are now higher, and I did not want to bring SCSI
into this arena until a solution was in progress. But now you have
done it.
SCSI has a one or two page taskfile limit, enough to do what you are
saying.
Andre Hedrick
The Linux ATA/IDE guy
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Jul 23 2000 - 21:00:14 EST