DNS-like idea for SCSI (NIS+ maybe)
What about having something like DNS, so that users could name their SCSI devices? I see that www.sun.com is really 209.249.116.195, but my web browser doesn't make me type that in. There's no mozilla -scanweb to spit out IP addresses. I just use www.sun.com, which is much easier to remember. It's also good for Sun, since they can change the machine used for www.sun.com without having to disable the old box. Am I mistaken? Do you always type in the numbers? If you don't, please try it for a week. We do the same thing for usernames. You type schilling to login, don't you? I doubt you type your UID number. It's nice to be able to have the same account name on different systems, even when you can't get the exact same UID number. Sun tends to use NIS+ for this sort of thing. So on a Solaris box, you might use NIS+ to name the SCSI devices. For Windows, maybe Active Directory would be right. Linux doesn't use those mostly, but it does have a udev program that creates funny-acting files in the /dev directory that could be used to refer to devices. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: cdrtools-2.01a37 ready
On OpenBSD, members of the operator group are allowed to reboot the system, change tapes ... normal things that someone trusted to operate the system would be allowed to do. Letting them write to CD/DVD is very low on the scale of bad things they could already do, like boot into single user mode and mess with all kinds of stuff, and so does not further compromise the security of the system. There is virtually no way anyone could escalate their privileges by simply allowing them to write to a CD device. Sure there is. Write new firmware to the device that lets you lock up the bus or tunnel SCSI commands to another device. You could password-protect all other devices on the bus, format disks with non-standard sector sizes, eject boot media, and so on. People have been hacking firmware, mostly to remove annoying spped restrictions and DVD restrictions, so don't for a moment think that obscurity will save you. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: cdrtools-2.01a37 ready
On Sat, Aug 21, 2004 at 11:04:41AM -0400, Albert Cahalan wrote: On OpenBSD, members of the operator group are allowed to reboot the system, change tapes ... normal things that someone trusted to operate the system would be allowed to do. Letting them write to CD/DVD is very low on the scale of bad things they could already do, like boot into single user mode and mess with all kinds of stuff, and so does not further compromise the security of the system. There is virtually no way anyone could escalate their privileges by simply allowing them to write to a CD device. Sure there is. Write new firmware to the device that lets you lock up the bus or tunnel SCSI commands to another device. You could password-protect all other devices on the bus, format disks with non-standard sector sizes, eject boot media, and so on. People have been hacking firmware, mostly to remove annoying spped restrictions and DVD restrictions, so don't for a moment think that obscurity will save you. Obscurity? What are you talking about? If I thought someone was going to try to overwrite the firmware on an device, they would not be part of the operator group. You apparently did not understand what I was talking about. -- [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: DNS-like idea for SCSI (NIS+ maybe)
On Sat, 2004-08-21 at 14:28, Joerg Schilling wrote: Albert Cahalan [EMAIL PROTECTED] wrote: What about having something like DNS, so that users could name their SCSI devices? I see that www.sun.com is really 209.249.116.195, but my web browser doesn't make me type that in. There's no mozilla -scanweb to spit out IP addresses. I just use www.sun.com, which is much easier to remember. It's also good for Sun, since they can change the machine used for www.sun.com without having to disable the old box. Am I mistaken? Do you always type in the numbers? If you don't, please try it for a week. We do the same thing for usernames. You type schilling to login, don't you? I doubt you type your UID number. It's nice to be able to have the same account name on different systems, even when you can't get the exact same UID number. Check the man page of cdrecord for a decription of the features that are handled by /etc/default/cdrecord Hmmm, that's pretty good. Do you think you could make all the other programs use that file too? If I define my CD-RW as QueFire in that file, then mount QueFire /mnt had ought to mount it I think. Also, dd if=QueFire should read from the device, and cat QueFire too. It could get kind of confusing if I had a file named QueFire as well though. Perhaps there is a better solution? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: DNS-like idea for SCSI (NIS+ maybe)
Albert Cahalan [EMAIL PROTECTED] wrote: What about having something like DNS, so that users could name their SCSI devices? I see that www.sun.com is really 209.249.116.195, but my web browser doesn't make me type that in. There's no mozilla -scanweb to spit out IP addresses. I just use www.sun.com, which is much easier to remember. It's also good for Sun, since they can change the machine used for www.sun.com without having to disable the old box. Am I mistaken? Do you always type in the numbers? If you don't, please try it for a week. We do the same thing for usernames. You type schilling to login, don't you? I doubt you type your UID number. It's nice to be able to have the same account name on different systems, even when you can't get the exact same UID number. Check the man page of cdrecord for a decription of the features that are handled by /etc/default/cdrecord Jörg -- EMail:[EMAIL PROTECTED] (home) Jörg Schilling D-13353 Berlin [EMAIL PROTECTED](uni) If you don't have iso-8859-1 [EMAIL PROTECTED](work) chars I am Jorg Schilling URL: http://www.fokus.fraunhofer.de/usr/schilling ftp://ftp.berlios.de/pub/schily -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: DNS-like idea for SCSI (NIS+ maybe)
On Sat, 2004-08-21 at 12:06, Albert Cahalan wrote: On Sat, 2004-08-21 at 14:28, Joerg Schilling wrote: Albert Cahalan [EMAIL PROTECTED] wrote: What about having something like DNS, so that users could name their SCSI devices? I see that www.sun.com is really 209.249.116.195, but my web browser doesn't make me type that in. There's no mozilla -scanweb to spit out IP addresses. I just use www.sun.com, which is much easier to remember. It's also good for Sun, since they can change the machine used for www.sun.com without having to disable the old box. Am I mistaken? Do you always type in the numbers? If you don't, please try it for a week. We do the same thing for usernames. You type schilling to login, don't you? I doubt you type your UID number. It's nice to be able to have the same account name on different systems, even when you can't get the exact same UID number. Check the man page of cdrecord for a decription of the features that are handled by /etc/default/cdrecord Hmmm, that's pretty good. Do you think you could make all the other programs use that file too? If I define my CD-RW as QueFire in that file, then mount QueFire /mnt had ought to mount it I think. Also, dd if=QueFire should read from the device, and cat QueFire too. It could get kind of confusing if I had a file named QueFire as well though. Perhaps there is a better solution? Maybe I didn't explain this well enough. Consider those web addresses again. They don't just work in Mozilla. They work with ping, and with traceroute too! So I never bother to remember the numbers, and I don't have to set up separate config files for each program. Heck, I don't even have to set up any config files. It would really suck if traceroute only took the numbers, and if ping wanted them in a different format, like maybe hex or something. How could I keep track of all that? All my Internet programs take the names though, so it's easy. Even sending you an email takes a name. It sure would suck if I had to put your UID number and IP address into some /etc/defaults/evolution file just to send an email to you, and then in a different file if I wanted to use mailx or kmail or mutt or pine... I guess if I want numbers, maybe they'd work. Nobody does that though, not even you. Do you think you could remember my UID number and IP address? You could have an /etc/defaults/mailx file for them if they're hard to remember. The concept works great for files too. Solaris never makes me open a file by the inode number. I doubt that would be allowed even, probably because nobody wants to open files by inode number. Just think if I had to do vi 052525252 (using octal, since vi is really old) or pico 5a5a5a (in hex, since pico is much newer). Maybe a few programs would be decimal or even binary, or they'd use dotted-quad notation like IP addresses. I guess there could kind of be an /etc/defaults/vi file to look up the inodes, but you couldn't edit it that way until after you had edited it! So that would be rough I guess. There'd be so many of those files to set up. You'd need one for every app, but at least it wouldn't be a layering violation like it is when you refer to a file by a filename. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: DNS-like idea for SCSI (NIS+ maybe)
On Sat 21 August 2004 18:06, Albert Cahalan wrote: On Sat, 2004-08-21 at 14:28, Joerg Schilling wrote: Check the man page of cdrecord for a decription of the features that are handled by /etc/default/cdrecord Hmmm, that's pretty good. Do you think you could make all the other programs use that file too? If I define my CD-RW as QueFire in that file, then mount QueFire /mnt had ought to mount it I think. Also, dd if=QueFire should read from the device, and cat QueFire too. It could get kind of confusing if I had a file named QueFire as well though. Perhaps there is a better solution? Uhhm, symlink? Just make a symlink /dev/FancyName (or wherever you want to put it) and point it to the relevant device. I don't mount /dev/hdc either, I mount /dev/cdrom. XMMS opens /dev/cdrom if it plays an audio CD. If I decided to swap around my devices, I'd just change the symlink and be done. I'm don't know much about Solaris, but I imagine mount, dd and cat work with device files there too, which to dd and cat are just files to read from, and to mount are just strings to be passed to the kernel mount command. Of course, this won't do anything for programs that actually send SCSI command directly (like cdrecord et al), since they use bus,target,lun triples. So you'd need a separate system for that, like /etc/default/cdrecord or this NIS+. Lourens -- GPG public key: http://home.student.utwente.nl/l.e.veen/lourens.key
Re: DNS-like idea for SCSI (NIS+ maybe)
On Sat, 2004-08-21 at 17:19, Lourens Veen wrote: On Sat 21 August 2004 18:06, Albert Cahalan wrote: On Sat, 2004-08-21 at 14:28, Joerg Schilling wrote: Check the man page of cdrecord for a decription of the features that are handled by /etc/default/cdrecord Hmmm, that's pretty good. Do you think you could make all the other programs use that file too? If I define my CD-RW as QueFire in that file, then mount QueFire /mnt had ought to mount it I think. Also, dd if=QueFire should read from the device, and cat QueFire too. It could get kind of confusing if I had a file named QueFire as well though. Perhaps there is a better solution? Uhhm, symlink? Just make a symlink /dev/FancyName (or wherever you want to put it) and point it to the relevant device. I don't mount /dev/hdc either, I mount /dev/cdrom. XMMS opens /dev/cdrom if it plays an audio CD. If I decided to swap around my devices, I'd just change the symlink and be done. That makes dd if=/dev/FancyName work, and in fact is exactly what the Linux udev program sets up. The udev programs discovers devices by looking in the /sys filesystem when the system boots or when a hot-plug event happens. Then udev looks at the device (model, size, serialnum, and much more) to match it with a device that I've defined. It won't make dd if=FancyName work unless I put a symlink in every damn directory. I really don't mind having to use /dev/, but I'd hate to have some programs needing it (basically everything) and some other programs (cdrecord at least) being different. It's nice to have a consistant user interface. I'm don't know much about Solaris, but I imagine mount, dd and cat work with device files there too, which to dd and cat are just files to read from, and to mount are just strings to be passed to the kernel mount command. You're right. It kind of makes sense. Of course, this won't do anything for programs that actually send SCSI command directly (like cdrecord et al), since they use bus,target,lun triples. So you'd need a separate system for that, like /etc/default/cdrecord or this NIS+. Well, you could actually use the device files on any modern UNIX-like system. It works for Solaris, Linux, HP-UX, OpenBSD, AIX, and IRIX. You just open the device file and send SCSI commands via an ioctl() or whatever. I'll bet the FreeBSD hackers would love a port of the OpenBSD code, if they haven't added the feature themselves already. It would be easy to use drive letters for Windows, since the cdrecord code is just making fake SCSI IDs out of the drive letters anyway. Probably the Windows users would like that better than the numbers, since the letters would match up with the rest of Windows. The nice thing about using device files or drive letters is that nobody has to change all the other programs to match. Only cdrecord would need to change, and the changes are pretty easy. I guess that MS-DOS and SCO OpenServer could keep using numbers. It's good to make SCO supporters suffer. Actually, dropping SCO support is kind of a duty. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]