Michael van Elst wrote: > al...@yandex.ru (Alexander Nasonov) writes: > > >There is a risk even with hardware devices but it's smaller because less > >software is involved. Dumping to cgd is a quite important usecase and > >perhaps we should make an exception. Would it help to RO protect some > >data structures like private keys? > > You would need to protect all data that is required to dump a block, > the keys aren't more important than e.g. the disklabel or the > bus space handle of the disk controller.
True, but you have to protect disklabel even for "hardware" devices. My point was about protecting code specific to a "software" device to make it looks more like "hardware" device. Alex