From owner-freebsd-stable Mon Aug 26 1:26:42 2002
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 95C4537B400 for ; Mon, 26 Aug 2002 01:26:40 -0700 (PDT)
Received: from haluter.fromme.com (haluter.fromme.com [212.66.1.135]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1BF6D43E6A for ; Mon, 26 Aug 2002 01:26:34 -0700 (PDT) (envelope-from olli@fromme.com)
Received: (from olli@localhost) by haluter.fromme.com (8.11.3/8.11.3) id g7Q8QKb56085; Mon, 26 Aug 2002 10:26:21 +0200 (CEST) (envelope-from olli@fromme.com)
From: Oliver Fromme
Message-Id: <200208260826.g7Q8QKb56085@haluter.fromme.com>
Subject: Re: tosha port causing system to reboot
To: ken@kdm.org (Kenneth D. Merry)
Date: Mon, 26 Aug 2002 10:26:19 +0200 (CEST)
Cc: kaltorak@quake.com.au (Kal Torak), freebsd-stable@FreeBSD.ORG (FreeBSD Stable)
In-Reply-To: <20020825213747.B33085@panzer.kdm.org> from "Kenneth D. Merry" at Aug 25, 2002 09:37:47 PM
X-Mailer: ELM [version 2.5 PL5] (UNIX, FreeBSD)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.ORG

Kenneth D. Merry wrote:
> In general, though, you can't say that a userland program should never be
> able to cause a system panic. Using /dev/mem, you can scribble all over
> the place, including registers on most cards in the system. Writing random
> garbage to /dev/mem will probably panic the system pretty quick.

OK, that's true, but you need specific permissions to do that. Tosha doesn't do any "magic" or "forbidden things". Using the standard CAM API should be pretty safe. It is also recommended to _not_ run tosha as root, and _not_ set any s-bits on the binary, but instead to use the group access features on the appropriate pass/xpt devices.
> Similarly, anybody with access to a pass device can 'camcontrol format
> da0'. :) (Not sure whether that would panic the system, since I've never
> tried it on a boot device. :)

I guess you can panic the system if you hit the swap area. But tosha isn't even able to do that; it's purely for CD-ROM (read-only) access.

> It's probably better to say that no *normal* (non-root) user should be able
> to panic the system, assuming all device permissions are set to their
> default values.

Sounds reasonable.

Regards
   Oliver

-- 
Oliver Fromme, Konrad-Celtis-Str. 72, 81369 Munich, Germany

``All that we see or seem is just a dream within a dream.'' (E. A. Poe)

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
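An added example, not code from the thread or from the tosha port: a shell audit of the least-privilege layout Oliver recommends (no s-bits on the binary, CD access granted through the group on the pass/xpt device nodes rather than by running as root). The binary path, the device names and the group name `operator` are assumptions; adjust them for the system being checked.

```shell
#!/bin/sh
# Added example, not code from the thread or the tosha port: audit the
# least-privilege layout described above. Paths and the group name are
# assumptions; FreeBSD exposes CAM pass-through nodes as /dev/pass* and /dev/xpt*.

# check_binary FILE: reject a setuid or setgid bit on the ripper binary.
check_binary() {
    [ -e "$1" ] || { echo "missing: $1"; return 2; }
    if [ -n "$(find "$1" -prune \( -perm -4000 -o -perm -2000 \) -print)" ]; then
        echo "REJECT: $1 carries an s-bit"; return 1
    fi
    echo "ok: $1 has no s-bits"
}

# check_device NODE GROUP: the node must not be world-readable or
# world-writable, and must belong to the group that is allowed CD access.
check_device() {
    node=$1; want=$2
    [ -e "$node" ] || { echo "missing: $node"; return 2; }
    if [ -n "$(find "$node" -prune \( -perm -0004 -o -perm -0002 \) -print)" ]; then
        echo "REJECT: $node is world-accessible"; return 1
    fi
    grp=$(ls -ld "$node" | awk '{ print $4 }')
    if [ "$grp" != "$want" ]; then
        echo "REJECT: $node is group $grp, expected $want"; return 1
    fi
    echo "ok: $node restricted to group $want"
}

# audit GROUP BINARY NODE...: run every check; return 1 if any failed.
audit() {
    want=$1; bin=$2; shift 2
    rc=0
    check_binary "$bin" || rc=1
    for n in "$@"; do
        check_device "$n" "$want" || rc=1
    done
    return $rc
}

# Typical invocation on a FreeBSD box (assumed paths and group):
# audit operator /usr/local/bin/tosha /dev/pass0 /dev/xpt0
```

A non-zero exit from `audit` means at least one node is reachable by everyone, belongs to the wrong group, or the binary would run with elevated privilege.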