|| ||James Bottomley <James.Bottomley-AT-SteelEye.com>|
|| ||Jens Axboe <axboe-AT-suse.de>|
|| ||Re: cd burning with plextor drives.|
|| ||Sat, 29 Jul 2006 08:40:19 -0500|
|| ||Dave Jones <davej-AT-redhat.com>, linux-scsi-AT-vger.kernel.org,
On Sat, 2006-07-29 at 13:12 +0200, Jens Axboe wrote:
> > I'm not that familiar with this code, but would adding exceptions
> > on a per-vendor basis in sg_allow_access() be the way forward here?
> > If not, what is the right answer ?
> I'd greatly prefer just ripping the entire command access table out, it
> was a mistake to begin with and still just a horrible solution.
> In fact, I think we should decide soon what to do about it. At the
> storage summit, there was general consensus on just killing it as well.
I concur. If we're going to allow users access to burn CDs, it's
impossible to police them with certainty as this case indicates. If we
allow vendor specific commands down, there are bound to be some that
format the drive or destroy the firmware ...
So I think ripping the table out and acknowledging we have no security
is better than giving the illusion of having it.
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to email@example.com
More majordomo info at http://vger.kernel.org/majordomo-info.html
to post comments)