[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: FC6 and cdburning



Krzysztof Halasa wrote:
dragoran <dragoran feuerpokemon de> writes:

which is broken commands should only be filtered if they cause damage,
but only because they may be able flash the firmware on a drive that
may not even exists is IMHO not a fix but a bug.

If you can issue such commands to the drive, you can easily:
- become root
- damage the drive

Should a chmod +w /dev/drive for a user give him root access to
the system (which can't be stopped even with selinux)?
how could this lets a user become root?
did one of this ever happend before 2.6.8.1 ?
become root -> I am sure that this never happend (using a scsi command)
2 one possible but in that case we should block the commands that can damage the drive simply blocking almost all commands is no solution....


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]