FC6 and cdburning

Krzysztof Halasa khc at pm.waw.pl
Sat Jul 29 20:19:09 UTC 2006


dragoran <dragoran at feuerpokemon.de> writes:

> how could this lets a user become root?

Compromising firmware of one device on IDE bus = at least
compromising both master and slave.

> did one of this ever happend before 2.6.8.1 ?
> become root -> I am sure that this never happend (using a scsi command)

How about some proof? Security is not about "being sure".

> 2 one possible but in that case we should block the commands that can
> damage the drive simply blocking almost all commands is no solution....

How do you know which commands are dangerous? There is no standard
for that. Chances are the standard commands are safe but nothing
more.
-- 
Krzysztof Halasa




More information about the fedora-devel-list mailing list