Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Thu, 3 Jan 2002 08:01:11 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Thu, 3 Jan 2002 08:01:02 -0500 Received: from pincoya.inf.utfsm.cl ([200.1.19.3]:44040 "EHLO pincoya.inf.utfsm.cl") by vger.kernel.org with ESMTP id ; Thu, 3 Jan 2002 08:00:48 -0500 Message-Id: <200201031300.g03D0cwF021145@pincoya.inf.utfsm.cl> To: "Eric S. Raymond" , Linux Kernel List Subject: Re: ISA slot detection on PCI systems? In-Reply-To: Message from "Eric S. Raymond" of "Wed, 02 Jan 2002 16:47:57 CDT." <20020102164757.A16976@thyrsus.com> Date: Thu, 03 Jan 2002 10:00:38 -0300 From: Horst von Brand Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org "Eric S. Raymond" said: [...] > But only for people and programs with root privileges. It all turns > then, on whether we want to insist that all software doing hardware > probing must have root privileges to function. So bind it to a capability. > I submit that the answer is "no" -- the right direction, for security > and other reasons, is to make *fewer* capabilities dependent on root > privileges rather than more, and to reject design approaches that > imply creating more suid programs to give ordinary users capabilities > that involve only *reading* config information. Then create /etc/dmi or /var/log/dmi on boot from an initscript. /proc is a nice idea for _process_ information, the other junk in there should go away IMVHO. Hard to do as it is now customary. Adding more junk is (a) kernel bloat, (b) hard to clean up later. -- Dr. Horst H. von Brand User #22616 counter.li.org Departamento de Informatica Fono: +56 32 654431 Universidad Tecnica Federico Santa Maria +56 32 654239 Casilla 110-V, Valparaiso, Chile Fax: +56 32 797513 - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/