[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: FC6 and cdburning



dragoran <dragoran feuerpokemon de> writes:

> how could this lets a user become root?

Compromising firmware of one device on IDE bus = at least
compromising both master and slave.

> did one of this ever happend before 2.6.8.1 ?
> become root -> I am sure that this never happend (using a scsi command)

How about some proof? Security is not about "being sure".

> 2 one possible but in that case we should block the commands that can
> damage the drive simply blocking almost all commands is no solution....

How do you know which commands are dangerous? There is no standard
for that. Chances are the standard commands are safe but nothing
more.
-- 
Krzysztof Halasa


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]