Am Samstag, 8. Dezember 2001 23:05 schrieb xavyer:
> On Sat, 8 Dec 2001, Oliver Neukum wrote:
> | > E.g. you put int the /etc/fstab
> | >
> | > /dev/phison1 /C ext2 noauto,owner 0 0
> | >
> | > and in the hotplugging script:
> | >
> | > detect what major minor it is, let's say /dev/sdb1 and then
> | > ln -s /dev/sdb1 /dev/phison1
> | >
> | > (of course in reality there is a problem with more than one
> | > identical device at the same time).
> | >
> | > What is wrong with this naive method?
> |
> | You are screwed as soon as somebody presses reset. This may even be
> | exploitable.
>
> We should err on the side of prudence, I would think; but what are we to
> do in the absence of physical security? How are we to know? Do we always
> presume no physical security? I would think so, but leaves the notion of
> 'draconian' lurking in the back of my mind.
>
> Could you elaborate on 'exploitable'? I must not have put the right
> pieces together to get there ...
You attach the disk known to result in lax permissions.
Then you attach the super secret disk.
Then you yank the power cord, take out the first disk and reboot.
> "You can have Fast, Cheap or Reliable; Pick any two."
> Are we trying to get all three?
>
> What is the goal here? It appears as if we are trying to arrive at some
> point where we have capabilities similar to automounting, modprobing,
> /etc/fstab, and pinch of devfs thrown in.
IMHO this should be the ultimate goal.
Regards
Oliver
_______________________________________________
[EMAIL PROTECTED]
To unsubscribe, use the last form field at:
https://lists.sourceforge.net/lists/listinfo/linux-usb-devel
