Meelis Roos <mroos@linux.ee> writes:
>PBD> Right now, you can write (for example) an Iomega Jaz utility without
>PBD> any kernel futzing at all. Contrast this with Windows where it seems
>PBD> necessary to always install a new driver.
>
>What IS the solution?
.
.
.
>* We want to use raw ide & scsi & etc commands. This is a problem.
> Is a general safe filter even possible (such that cd writing, zip dives
> etc continue to work)? I assume this is not possible.
>
>So the only 'bulletproof' way is to do all hardare access in kernel and not
>provide userspace _any_ methods for doing it directly. This means all zip
>drivers & graphics drivers & so on in the kernel :-(
>
>Therefore:
>
>_IF_ the hardware can be damaged THEN no userspace application must
>be able to access it directly and to use such devices, a kernel level
>driver must exist t o provide all the access safely.
>
>Or am I missing something?
No, but you're not emphasizing the ":-(" at the end of the paragraph
above. The idea that to use specific Jaz drive commands I need to
"insmod jaz.o" strikes me as a reversal of one of the boldest triumphs
and biggest differences between Windows and most Unixen.
The fact that we have *SCSI* and *IDE* drivers, and not Seagate,
Iomega, Adaptec etc. drivers is something we should not be
contemplating abandoning.
So, sure, protect the whole or some portion of the sg drivers with
CAP_SYS_RAW, but don't think that its still Unix if you have to
install a device-specific driver for each device that uses a standard
protocol.
--p
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Jul 23 2000 - 21:00:20 EST