Re: IDE drive killer question

From: Enrico Demarin (mccoy@smc.it)
Date: Fri Jul 21 2000 - 15:40:46 EST

Next message: Keith Owens: "Re: Cache coherency... and locking"
Previous message: Igmar Palsenberg: "Re: VM problems with 2.2.16"
In reply to: Krnl Programmers: "Re: IDE drive killer question"
Next in thread: Myrddin Emrys: "Re: IDE drive killer question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Yes if its just meant to avoid random accidents then we definitely need
the patch. But even better the IDE drive manufactor should fix this in the
drive firmware.

By the way an ignorant root will much more easily do an rm -rf / and
forget to do back ups, which would lead to much more expensive damages
than a cheap IDE drive, in term of loss of time and data.

The stupid things a stupid root could do are countless i think.

If the point of Andre is fixing the driver because its broken and allows
illegal operations then its completely right for this patch to get into
the kernel, IMHO.

enrico

On Fri, 21 Jul 2000, Krnl Programmers wrote:

> >From what I see, there are two reasons that this patch should be used.
> 1) It's against the ATA specs (as our vocal friend likes to point out that
> he votes for)
> 2) It protects against an ignorant root from totally destroying his HD.
>
> So, although there are thousands of ways to destroy your computer on
> purpose, it should be difficult (one could wish, impossible) to do it
> because of an accident.
>
> Is it absolutely vital to have it release in 2.4.0 or could it wait until
> that gets released and be added while development for the next version
> begins?
>
> -mike
>
> Enrico Demarin said...
> >
> > I would like to understand better the scope of the IDE-fry-drive issue:
> >
> > 1) how is going Andre's patch to protect from the case where
> > the malicious user compiles a kernel module (or recompiles the kernel),
> > eliminating his patch.
> >
> > As far as i can understand the patch would work only if the malicious
> > user gaining rood can't compile a kernel module or get a fresh kernel
> > source rebuild it without the patch and run it. that is no kernel-source,
> > no compilers, no ftp access to download compilers and kernel source, or
> > pre-compiled modules.
> >
> > The only case where it would help would be to prevent some buffer overflow
> > to a root process or some trojan horse to do the dirty job automatically.
> >
> > - enrico
>

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Keith Owens: "Re: Cache coherency... and locking"
Previous message: Igmar Palsenberg: "Re: VM problems with 2.2.16"
In reply to: Krnl Programmers: "Re: IDE drive killer question"
Next in thread: Myrddin Emrys: "Re: IDE drive killer question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sun Jul 23 2000 - 21:00:17 EST