On 10/18/2010 06:29 PM, Alexander Graf wrote:
A user will get a really nasty surprise if they think they can use a flag or
rely on QEMU to prevent a VM from doing something nasty with a device. If they
have this feeling of security, they're likely to chmod the device to allow
unprivileged users to access it.
But how a device handles ATAPI commands is totally up to the device. If you
issue the wrong sequence, I'm sure there are devices out there that totally
hose themselves. Are you absolutely confident that every ATAPI device out
there is completely safe against hostile code provided that you simply prevent
the FW update commands? I'm certainly not.
Ping?
Who are you pinging?
Regards,
Anthony Liguori
Alex
