Re: cdrecord and newer Linux kernels

To: Steve McIntyre <steve@einval.com>
Cc: debian-kernel@lists.debian.org, pkg-cdrtools-devel@alioth.debian.org
Subject: Re: cdrecord and newer Linux kernels
From: Christoph Hellwig <hch@lst.de>
Date: Fri, 11 Nov 2005 00:53:00 +0100
Message-id: <20051110235300.GA19774@lst.de>
In-reply-to: <20051110234729.GT4682@einval.com>
References: <20051110234729.GT4682@einval.com>

On Thu, Nov 10, 2005 at 11:47:29PM +0000, Steve McIntyre wrote:
> In kernel 2.6.8 and later, SCSI generic commands are verified for
> safety. This may be a reasonable measure in some respects, but it
> makes effective non-root CD/DVD burning rather difficult. For best
> performance cdrecord, growisofs and friends may often need to send
> SCSI commands to drives that the kernel may neither know about nor
> understand. And (to add to the pain) these commands are very often
> vendor- or device-specific, so simply allowing those commands in the
> kernel will defeat the point of the verification in the first place.

The whole point of the verification is to allow safe access to a
selected set of raw commands for normal users.  root (or rather
a process that has CAP_SYS_RAWIO) can send any command.  if you need
unknown commands just make sure to burn as root, as everything else
would be unsafe anyway.

Reply to:

Follow-Ups:
- Re: cdrecord and newer Linux kernels
  - From: Steve McIntyre <steve@einval.com>

References:
- cdrecord and newer Linux kernels
  - From: Steve McIntyre <steve@einval.com>

Prev by Date: cdrecord and newer Linux kernels
Next by Date: Bug#279689: marked as done (/boot/vmlinuz-2.6.9-1-686: freeze when starting rivafb)
Previous by thread: cdrecord and newer Linux kernels
Next by thread: Re: cdrecord and newer Linux kernels
Index(es):
- Date
- Thread