Hi, On Tue, Aug 11, 2009 at 11:58:42AM +0200, Thomas Schwinge wrote: > On Sun, Aug 09, 2009 at 06:48:05PM +0200, olafbuddenha...@gmx.net > wrote:
> But iopl is a all-or-nothing-like thing (all I/O ports), I see... I guess though that fixing that would still be easier than writing a proper ioperm server. (Ignoring the fact that AFAIK we are only ever using it as an all-or-nothing thing anyways...) > and also is for root only (the device_master port is needed). Well, yes. However, as it uses a standard interface, a standard server could be used to manage file permissions -- I think devnode should fit the bill. Whereas with the special interface, a special server is necessary... > > I still wonder why the extra RPCs are considered better. > > Because they use the capability system for allowing access to > arbitrarily restricted ranges of I/O ports; these capabilities can > then be passed to arbitrary non-root clients. I think this could be implemented by a proxy on top of an improved iopl device just as well... *If* we ever see the need for it. Which actually seems unlikely, as the I/O ports are generally considered legacy, and thus dying out. (I contemplate using such a proxy for a userspace driver framework; but considering the legacy issue, I have serious doubts that it's worth the effort...) -antrik-