SCSI command filtering
Posted Aug 3, 2006 11:02 UTC (Thu) by NRArnot
Parent article: SCSI command filtering
Linus is right, as usual.
The kernel should definitely offer the hooks for SCSI command filtering, so that an unprivileged user can't fry the hardware. It's really no different to stopping him from oopsing the OS or corrupting the filestore. However, the details of the filtering for each model of drive need not be the responsibility of the kernel maintainers, when they can be tweaked via a system startup script. Let ZZZ, or someone who maintains ZZZ burners, supply the necessary definitions for a ZZZ-1234 drive, if the defaults are unsafe or over-restrictive. There's an analogy with netfilter here. Who would argue for the removal of netfilter, even though its default state is to do nothing?
to post comments)