Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Wed, 2 Jan 2002 17:51:44 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Wed, 2 Jan 2002 17:51:25 -0500 Received: from ns.suse.de ([213.95.15.193]:30223 "HELO Cantor.suse.de") by vger.kernel.org with SMTP id ; Wed, 2 Jan 2002 17:51:18 -0500 Date: Wed, 2 Jan 2002 23:51:17 +0100 (CET) From: Dave Jones To: Lionel Bouton Cc: , Alan Cox , Linux Kernel List Subject: Re: ISA slot detection on PCI systems? In-Reply-To: <3C338DCC.3020707@free.fr> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org On Wed, 2 Jan 2002, Lionel Bouton wrote: > > But this is not a bad reason. Allowing people to avoid running suid > > programs is a *good* reason. > Usually yes. But for a code that simply parses /dev/kmem content without > taking args... > Just took a quick look at dmidecode.c and auditing this code doesn't > seem out of reach. Exactly. And 90% of it can be ditched. > What's the difference security-wise between running this code in kernel > space and in a suid prog? Avoiding loading libraries? > Frankly I don't see the point. *shrug* about the same point as having a /proc/acpi/dsdt I'd guess. (Which worked fine as a run-as-root program called acpidmp, but for some reason someone thought it'd be good to dump in /proc) -- | Dave Jones. http://www.codemonkey.org.uk | SuSE Labs - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/