[systemd-devel] PrivateDevices with more than basic set of devices?
Lennart Poettering
lennart at poettering.net
Mon Jan 26 13:04:10 PST 2015
On Mon, 26.01.15 17:07, Topi Miettinen (toiwoton at gmail.com) wrote:
> On 01/26/15 12:41, Simon McVittie wrote:
> > On 24/01/15 10:09, Topi Miettinen wrote:
> >> For example, smartd only needs access to /dev/sd*.
> >
> > Let me spell that differently: smartd "only" needs the ability to make
> > arbitrary filesystem changes, defeating any possible configurable
> > security mechanism.
>
> Not exactly: it only needs read access. Depending on the system, that
> could be very different from being able to make arbitrary filesystem
> changes.
Sending SMART requests requires the same priviliges as issue direct
low-level write requests to my knowledge, hence I'd say simon is right.
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list