Followup to: <Pine.LNX.4.10.10007212041090.15902-100000@master.linux-ide.org>
By author: Andre Hedrick <andre@linux-ide.org>
In newsgroup: linux.dev.kernel
>
> Everyone
>
> I am talking about attempting to invoke unknown vender specific commands
> They do comply with the SPEC but are not part of the SPEC.
> Since I do not have the priviledge of knowing these facts, but know they
> exist. You can not allow a rouge driver attempt to invoke these commands.
>
A rogue driver can always do this by writing straight to the
interface. I think a more serious issue is: what about a *buggy*
drivers? However, what I am a bit unclear of is the following: will
this patch prevent me from writing a driver which issues legitimate
vendor-specific commands to control vendor-specific aspects of a
particular piece of hardware? If so, that would be a very bad thing.
However, if this patch is there to prevent buggy programs from issuing
known-to-be-damaging commands by accient, then that is a Good
Thing[TM].
I personally would have to agree with the people that say this isn't a
security issue, but I *do* believe that protecting buggy programs (we
never have any of those, right?) from causing permanent damage to the
hardware is a very useful thing.
-hpa
-- <hpa@transmeta.com> at work, <hpa@zytor.com> in private! "Unix gives you enough rope to shoot yourself in the foot." http://www.zytor.com/~hpa/puzzle.txt- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Jul 23 2000 - 21:00:19 EST