FC6 and cdburning
dragoran
dragoran at feuerpokemon.de
Sat Jul 29 17:26:18 UTC 2006
Krzysztof Halasa wrote:
> dragoran <dragoran at feuerpokemon.de> writes:
>
>
>> which is broken commands should only be filtered if they cause damage,
>> but only because they may be able flash the firmware on a drive that
>> may not even exists is IMHO not a fix but a bug.
>>
>
> If you can issue such commands to the drive, you can easily:
> - become root
> - damage the drive
>
> Should a chmod +w /dev/drive for a user give him root access to
> the system (which can't be stopped even with selinux)?
>
how could this lets a user become root?
did one of this ever happend before 2.6.8.1 ?
become root -> I am sure that this never happend (using a scsi command)
2 one possible but in that case we should block the commands that can
damage the drive simply blocking almost all commands is no solution....
More information about the fedora-devel-list
mailing list