> > and even more painfully, what do you do if there's an IO error
> > during execution of the script. The only safe reaction would be a kernel
> > panic.
>
> A kernel panic should only be the result of a catastrophic system
> failure that the kernel cannot continue from.
Unauthorised access _is_ a catastrophe.
> Failing to set permissions on a device doesn't seem like something that
> would qualify for a panic.
Failure to set them is not a security problem.
Abstractly speaking setting permissions/ownership is handing out
priviledges. If that operation fails the system will not function properly,
but security is not compromised.
Failure to reset permissions is quite another thing. It opens up the
possibility that access to other devices is accidentally granted.
> Regardless, a bug in a script can always cause a failure. So can a bug
> in the kernel. I'm not exactly sure what you're getting at here.
Against kernel bugs there's no defense. But security checks _must_
be entirely in kernel.
Regards
Oliver
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
[EMAIL PROTECTED]
To unsubscribe, use the last form field at:
https://lists.sourceforge.net/lists/listinfo/linux-usb-devel
