On 05/09/2012 22:18, Ric Wheeler wrote:
> Hi Paolo,
>
> Both of these commands are destructive. WRITE_SAME (if done without the
> discard bits set) can also take a very long time to be destructive and
> tie up the storage.

FORMAT_UNIT has the same characteristics and yet it is allowed (btw, I
don't think WRITE SAME slowness is limited to the case where a real
write is requested; discarding can be just as slow).

Also, the two new commands are anyway restricted to programs that have
write access to the disk. If you have read-only access, you won't be
able to issue any destructive command (there is one exception, START
STOP UNIT is allowed even with read-only capability and is somewhat
destructive).

Honestly, the only reason why these two commands weren't included is
that the current whitelist is heavily tailored towards CD/DVD burning.

> I think that restricting them to CAP_SYS_RAWIO seems reasonable - better
> to vet and give the appropriate apps the needed capability than to
> widely open up the safety check?

CAP_SYS_RAWIO is so wide in its scope, that anything that requires it is
insecure.

Paolo
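As an added illustration (not code from this thread or from the kernel), a toy CDB filter in C modelling the access policy described in the reply: a read-only opener gets only a safe set plus the START STOP UNIT exception, destructive commands need write access, and CAP_SYS_RAWIO bypasses the check outright. The opcode values are the SCSI standard ones; the tables and function names are constructed for this example.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>
/* Real SCSI opcodes; the allow tables are a constructed model of the policy
 * discussed in the thread, not the kernel's own whitelist. */
#define OP_FORMAT_UNIT     0x04
#define OP_START_STOP_UNIT 0x1b
#define OP_READ_10         0x28
#define OP_WRITE_SAME_10   0x41
#define OP_WRITE_SAME_16   0x93

enum verdict { DENY = 0, ALLOW = 1 };

/* Allowed on a read-only opener. START STOP UNIT mirrors the exception Paolo
 * notes: it passes with read-only access although it is somewhat destructive. */
static const uint8_t ro_allowed[] = { OP_READ_10, OP_START_STOP_UNIT };
/* Destructive commands gated on the device being open for writing. */
static const uint8_t rw_allowed[] = { OP_FORMAT_UNIT, OP_WRITE_SAME_10,
                                      OP_WRITE_SAME_16 };

static bool in_table(const uint8_t *tab, size_t n, uint8_t op)
{
    for (size_t i = 0; i < n; i++)
        if (tab[i] == op)
            return true;
    return false;
}

/* cdb[0] is the opcode of the SCSI command descriptor block.
 * mode_write: descriptor opened with write access.
 * cap_sys_rawio: caller holds CAP_SYS_RAWIO, which bypasses the filter
 * entirely; the thread's objection is that this gate is far too coarse. */
enum verdict verify_cdb(const uint8_t *cdb, bool mode_write, bool cap_sys_rawio)
{
    if (cap_sys_rawio)
        return ALLOW;
    if (in_table(ro_allowed, sizeof ro_allowed, cdb[0]))
        return ALLOW;
    if (mode_write && in_table(rw_allowed, sizeof rw_allowed, cdb[0]))
        return ALLOW;
    return DENY; /* unknown opcode, or a write-only opcode on a read-only fd */
}

/* WRITE SAME with the UNMAP bit (byte 1, bit 3) set requests a discard. The
 * filter does not treat it as safer: per the reply, a discard can tie up the
 * storage just as long as a real write. */
bool write_same_is_discard(const uint8_t *cdb)
{
    return (cdb[0] == OP_WRITE_SAME_10 || cdb[0] == OP_WRITE_SAME_16) &&
           (cdb[1] & 0x08) != 0;
}
```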