Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Wed, 2 Jan 2002 17:48:04 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Wed, 2 Jan 2002 17:47:55 -0500 Received: from tourian.nerim.net ([62.4.16.79]:46604 "HELO tourian.nerim.net") by vger.kernel.org with SMTP id ; Wed, 2 Jan 2002 17:47:39 -0500 Message-ID: <3C338DCC.3020707@free.fr> Date: Wed, 02 Jan 2002 23:46:36 +0100 From: Lionel Bouton User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.7+) Gecko/20020101 X-Accept-Language: en-us MIME-Version: 1.0 To: esr@thyrsus.com Cc: Dave Jones , Alan Cox , Linux Kernel List Subject: Re: ISA slot detection on PCI systems? In-Reply-To: <20020102164757.A16976@thyrsus.com> <20020102170833.A17655@thyrsus.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Eric S. Raymond wrote: > [...] > > But this is not a bad reason. Allowing people to avoid running suid > programs is a *good* reason. > Usually yes. But for a code that simply parses /dev/kmem content without taking args... Just took a quick look at dmidecode.c and auditing this code doesn't seem out of reach. What's the difference security-wise between running this code in kernel space and in a suid prog? Avoiding loading libraries? Frankly I don't see the point. LB. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/