Date:      Mon, 26 Aug 2002 10:26:19 +0200 (CEST)
From:      Oliver Fromme <olli@fromme.com>
To:        ken@kdm.org (Kenneth D. Merry)
Cc:        kaltorak@quake.com.au (Kal Torak), freebsd-stable@FreeBSD.ORG (FreeBSD Stable)
Subject:   Re: tosha port causing system to reboot
Message-ID:  <200208260826.g7Q8QKb56085@haluter.fromme.com>
In-Reply-To: <20020825213747.B33085@panzer.kdm.org> from "Kenneth D. Merry" at Aug 25, 2002 09:37:47 PM

Kenneth D. Merry wrote:
 > In general, though, you can't say that a userland program should never be
 > able to cause a system panic.  Using /dev/mem, you can scribble all over
 > the place, including registers on most cards in the system.  Writing random
 > garbage to /dev/mem will probably panic the system pretty quick.

OK, that's true, but you need specific permissions to do
that.  Tosha doesn't do any "magic" or "forbidden things".
Using the standard CAM API should be pretty safe.

It is also recommended to _not_ run tosha as root, and
_not_ set any s-bits on the binary, but instead use the
group access features on the appropriate pass/xpt devices.

 > Similarly, anybody with access to a pass device can 'camcontrol format
 > da0'.  :)  (Not sure whether that would panic the system, since I've never
 > tried it on a boot device. :)

I guess you can panic the system if you hit the swap area.
But tosha isn't even able to do that; it's purely for CD-
ROM (read-only) access.

 > It's probably better to say that no *normal* (non-root) user should be able
 > to panic the system, assuming all device permissions are set to their
 > default values.

Sounds reasonable.

Regards
   Oliver

-- 
Oliver Fromme, Konrad-Celtis-Str. 72, 81369 Munich, Germany

``All that we see or seem is just a dream within a dream.''
(E. A. Poe)
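
Added example, not part of the original message or of the tosha port: a shell audit of the setup recommended above (no s-bits on the binary, group access on the pass/xpt devices). The group name "operator", the paths in the usage comment, and the requirement of group read/write on the device nodes are assumptions.

```sh
#!/bin/sh
# Added example (not from the original message or the tosha port).

# check_binary PATH: fail if the binary carries a setuid or setgid bit.
check_binary() {
    if [ -u "$1" ] || [ -g "$1" ]; then
        echo "FAIL $1: setuid/setgid bit set"
        return 1
    fi
    echo "ok   $1: no s-bits"
}

# check_device PATH GROUP: the node must belong to GROUP, grant that group
# read/write (assumed to be what a CAM client needs), and grant others nothing.
check_device() {
    d=$1 want=$2 bad=0
    line=$(ls -ld "$d") || return 2
    mode=$(printf '%s\n' "$line" | awk '{print $1}')   # e.g. crw-rw----
    grp=$(printf '%s\n' "$line" | awk '{print $4}')
    gperm=$(printf '%s' "$mode" | cut -c5-7)           # group permission bits
    operm=$(printf '%s' "$mode" | cut -c8-10)          # "other" permission bits
    [ "$grp" = "$want" ] || { echo "FAIL $d: group $grp, want $want"; bad=1; }
    case $gperm in
        rw*) ;;
        *) echo "FAIL $d: group bits are $gperm, want rw"; bad=1 ;;
    esac
    [ "$operm" = "---" ] || { echo "FAIL $d: others have $operm"; bad=1; }
    if [ "$bad" -eq 0 ]; then echo "ok   $d: $mode group $grp"; fi
    return "$bad"
}

# audit_tosha BINARY GROUP DEVICE...: run every check, return 1 if any failed.
audit_tosha() {
    bin=$1 group=$2 rc=0
    shift 2
    check_binary "$bin" || rc=1
    for node in "$@"; do
        check_device "$node" "$group" || rc=1
    done
    return "$rc"
}

# Usage (binary path, group and device names are assumptions):
#   audit_tosha /usr/local/bin/tosha operator /dev/pass0 /dev/xpt0
```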