From owner-freebsd-current@FreeBSD.ORG Sat Oct 16 02:34:53 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D51C116A4CE for ; Sat, 16 Oct 2004 02:34:53 +0000 (GMT) Received: from cain.gsoft.com.au (cain.gsoft.com.au [203.31.81.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9DE0743D39 for ; Sat, 16 Oct 2004 02:34:52 +0000 (GMT) (envelope-from doconnor@gsoft.com.au) Received: from inchoate.gsoft.com.au (localhost [127.0.0.1]) (authenticated bits=0) by cain.gsoft.com.au (8.12.11/8.12.10) with ESMTP id i9G2YnZj005848; Sat, 16 Oct 2004 12:04:49 +0930 (CST) (envelope-from doconnor@gsoft.com.au) From: "Daniel O'Connor" To: Peter Jeremy Date: Sat, 16 Oct 2004 12:04:38 +0930 User-Agent: KMail/1.7 References: <20041013205141.GA874@galgenberg.net> <200410152048.44173.doconnor@gsoft.com.au> <20041015214318.GS83620@cirb503493.alcatel.com.au> In-Reply-To: <20041015214318.GS83620@cirb503493.alcatel.com.au> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart3042432.zRKtrZN11c"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200410161204.46763.doconnor@gsoft.com.au> X-Spam-Score: -2.5 () IN_REP_TO,PGP_SIGNATURE_2,QUOTED_EMAIL_TEXT,REFERENCES,SPAM_PHRASE_02_03,USER_AGENT X-Scanned-By: MIMEDefang 2.16 (www . roaringpenguin . com / mimedefang) cc: Chuck Swiger cc: freebsd-current@freebsd.org Subject: Re: atapicam(4) as KLD? X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 16 Oct 2004 02:34:53 -0000 --nextPart3042432.zRKtrZN11c Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Sat, 16 Oct 2004 07:13, Peter Jeremy wrote: > Studying a ktrace, it seems that all it uses /dev/cd0c for it to issue > a CAMGETPASSTHRU and then it opens /dev/passN but when that fails, it > issues the above error message :-(. Changing the permissions on > /dev/pass0 as well makes it work. > > >It sucks having to choose between features (growisofs, cdrecord, cdda2wa= v) > > and security (burncd) > > Since you can identify the pass/xpt/cd device associated with the ATAPI > device, it should be safe to make those devices world or group writable > even if there are other SCSI devices on the system. I think you need write permissions on all 3 (cd, pass, xpt) but xpt grants = you=20 access to the entire bus so that would be bad from a security POV. Although that said in this specific case the CD writer would be the only th= ing=20 on that bus (unless you had >1 on the same chain, but that is not a good id= ea=20 for reasons to do with IDE sucking) Is there a way in devfs/devd to determine which pass and xpt devices are=20 associated with a given cd device? (my guess is you'd need to run camcontro= l=20 and parse the output..) =2D-=20 Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C --nextPart3042432.zRKtrZN11c Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQBBcIjG5ZPcIHs/zowRAr1PAKCY3i+okojptvnnAaxs8pYgsBJzpwCgnZ3i mW/6k2K4lSd36YhxRkxrIOI= =DLqo -----END PGP SIGNATURE----- --nextPart3042432.zRKtrZN11c--