> Therefore, this patch silently blocks all ioctls except SG_IO, since > all of them turned out to be false positives; in case some escaped, it > should be easily diagnosable or at least bisectable. The warning text > is separated for root and non-root, and the deprecation period for root > users is set to end a year from now.
NAK. Firstly blocking CAP_SYS_RAWIO access by any means to a partition is itself nonsense as the process has enough privilege to go poke the controller I/O registers by hand. That's a gratuitious API breakage. Secondly SG_IO allows users to read and write blocks outside their partition as far as I can see from the verify logic. You either need to block it or smarten up the filter. What were the SG_IO command blocks that were caught ? It's going to be pretty trivial to add a filter->partition_ok to some of them if need be. Anyway it fails both by stopping valid stuff and not stopping insecure and unsafe stuff. Alan -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
