On Sat, 30 Apr 2005, Kai Makisara wrote:
> The patch at the end is against 2.6.11.8.
>
> The kernel currently allows any user permitted to access the tape device file
> to send the tape drive commands that may either make the tape drivers internal
...
> filtering. This patch solves the problem for tapes and no more elaborate
> patches are needed. If those are merged to the kernel, this patch can be reversed.
>
> Signed-off-by: Kai Makisara <[email protected]>
>
> --- linux-2.6.11.8/drivers/scsi/st.c 2005-03-03 21:10:36.000000000 +0200
> +++ linux-2.6.11.8-k1/drivers/scsi/st.c 2005-04-30 09:57:21.000000000 +0300
> @@ -3414,7 +3414,10 @@ static int st_ioctl(struct inode *inode,
> case SCSI_IOCTL_GET_BUS_NUMBER:
> break;
> default:
> - i = scsi_cmd_ioctl(file, STp->disk, cmd_in, p);
> + if (!capable(CAP_SYS_RAWIO))
> + i = -EPERM;
> + else
> + i = scsi_cmd_ioctl(file, STp->disk, cmd_in, p);
> if (i != -ENOTTY)
> return i;
> break;
Please hold this patch. Testing the corresponding patch for 2.6.12-rc
showed that this is too restrictive. Best to wait until the next versions
will be reviewed on the linux-scsi list and merged into -rc.
--
Kai
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
