On Fri, 21 Jul 2000 bodnar42@bodnar42.dhs.org wrote:
> On Sat, 22 Jul 2000, Stephen Frost wrote:
>
> > As root you can do alot worse things that hurt users. When the
> > kernel does *exactly* as root requests I have a hard time seeing it as being
> > flawed.
> >
> It's flawed if sanity checks aren't in place to prevent it from doing
> obviously and detectably incorrect things.
Too bad this isn't the case here. From what I've been able to gather
this is actually part of the SPEC, which is why the capability was there to
begin with. It just happens that you can overwrite the bios on the disk using
it. Now, there are legitimate uses for this, when a user wants to upgrade
the bios on a disk. As near as I can tell it's basically the same issue as
with motherboard bioses. The concern is that it can be abused. Of course,
there are *lots* of things that are useful but can be abused. Should we
get rid of them? I doubt it.
Stephen
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Jul 23 2000 - 21:00:18 EST