[systemd-devel] PrivateDevices with more than basic set of devices?

Lennart Poettering lennart at poettering.net
Mon Jan 26 13:04:10 PST 2015


On Mon, 26.01.15 17:07, Topi Miettinen (toiwoton at gmail.com) wrote:

> On 01/26/15 12:41, Simon McVittie wrote:
> > On 24/01/15 10:09, Topi Miettinen wrote:
> >> For example, smartd only needs access to /dev/sd*.
> > 
> > Let me spell that differently: smartd "only" needs the ability to make
> > arbitrary filesystem changes, defeating any possible configurable
> > security mechanism.
> 
> Not exactly: it only needs read access. Depending on the system, that
> could be very different from being able to make arbitrary filesystem
> changes.

Sending SMART requests requires the same priviliges as issue direct
low-level write requests to my knowledge, hence I'd say simon is right.

Lennart

-- 
Lennart Poettering, Red Hat


More information about the systemd-devel mailing list