I have developed a simple patch for raw1394 that I am just beginning to test, which addresses the raw1394 security issue in a way completely different from Jody's proposal. One drawback to using many different device files is the impact of that change on the libraries and applications, which will take a long time to sort out and educate. Also, it does not address that certain address spaces of the CSR are well-defined for specified applications and are safe to read/write.
My approach is to use Linux Capabilities to sandbox raw1394 operations. Things such as isochronous communications and asynchronous transactions against the well-defined address ranges (ConfigROM, IEC 61883-1 FCP and plug registers, IIDC) would be left as is and allow existing applications to work fine. Other operations would require CAP_SYS_RAWIO, except that some things like ARM and ConfigROM manipulation could be CAP_SYS_ADMIN. What do you think? How does that deal with Stefan's issue #4? If it is not adequate, then nothing is, because a protocol library in kernel space would just use the same addresses, just by proxy.

-- 
use /dev/video1394, not /dev/raw1394
https://launchpad.net/bugs/6290

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
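The policy sketched in the message above, as an added user-space model that is not the author's patch nor the kernel's code: each raw1394 request is classified as needing nothing, CAP_SYS_ADMIN, or CAP_SYS_RAWIO, with the protocol-defined CSR windows (Config ROM, plug registers, FCP) left open so unprivileged libraw1394 clients keep working. The CSR offsets are the standard IEEE 1394 / IEC 61883-1 ones; the IIDC window, the `enum op` request kinds and the `HAS_SYS_*` capability bits are assumptions made for this example (a kernel implementation would call `capable()` instead). The range check rejects zero-length and wrapping requests so a transaction that straddles the edge of a safe window is never waved through.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Privilege a request needs under the modelled policy.  NEED_SYS_ADMIN and
 * NEED_SYS_RAWIO stand in for CAP_SYS_ADMIN / CAP_SYS_RAWIO. */
enum need { NEED_NONE = 0, NEED_SYS_ADMIN = 1, NEED_SYS_RAWIO = 2 };

/* Kinds of operation a raw1394 client can ask for (assumed, simplified). */
enum op {
    OP_ISO,             /* isochronous send/receive                  */
    OP_READ,            /* asynchronous read  of a node address      */
    OP_WRITE,           /* asynchronous write to a node address      */
    OP_LOCK,            /* asynchronous lock (compare-and-swap etc.) */
    OP_ARM,             /* register an address range mapping (ARM)   */
    OP_CONFIGROM_UPDATE /* rewrite the local node's Config ROM       */
};

/* Capability bits a caller holds; a modelled stand-in for the task's
 * effective capability set (assumed values). */
#define HAS_SYS_ADMIN 0x1u
#define HAS_SYS_RAWIO 0x2u

/* Well-known CSR addresses from IEEE 1394 / IEC 61883-1.  The IIDC window
 * is an assumption for the example: a real camera's base comes from its
 * Config ROM unit directory. */
#define CSR_REGISTER_BASE   0xFFFFF0000000ULL
#define CSR_CONFIG_ROM      (CSR_REGISTER_BASE + 0x400)
#define CSR_CONFIG_ROM_END  (CSR_REGISTER_BASE + 0x800)
#define CSR_PLUG_REGS       (CSR_REGISTER_BASE + 0x900)  /* oMPR/oPCR/iMPR/iPCR */
#define CSR_PLUG_REGS_END   (CSR_REGISTER_BASE + 0xA00)
#define CSR_FCP_COMMAND     (CSR_REGISTER_BASE + 0xB00)
#define CSR_FCP_END         (CSR_REGISTER_BASE + 0xF00)  /* end of FCP response */
#define IIDC_REG_BASE       0xFFFFF0F00000ULL            /* assumed */
#define IIDC_REG_END        (IIDC_REG_BASE + 0x100000)   /* assumed */

/* True only if [addr, addr+len) lies entirely inside [lo, hi).  Zero-length
 * and wrapping requests are rejected, so a transaction that straddles the
 * edge of a safe window can never slip through. */
static bool in_window(uint64_t addr, uint32_t len, uint64_t lo, uint64_t hi)
{
    if (len == 0 || addr + len < addr)
        return false;
    return addr >= lo && addr + len <= hi;
}

/* Classify a request.  Protocol-defined ranges need nothing, so existing
 * unprivileged clients keep working; everything else needs RAWIO, except
 * ARM and Config ROM manipulation, which need SYS_ADMIN. */
enum need required_cap(enum op op, uint64_t addr, uint32_t len)
{
    switch (op) {
    case OP_ISO:
        return NEED_NONE;
    case OP_ARM:
    case OP_CONFIGROM_UPDATE:
        return NEED_SYS_ADMIN;
    case OP_READ:
        /* A remote node's Config ROM is read-only by design. */
        if (in_window(addr, len, CSR_CONFIG_ROM, CSR_CONFIG_ROM_END))
            return NEED_NONE;
        /* fall through: the read/write/lock windows below apply as well */
    case OP_WRITE:
    case OP_LOCK:
        if (in_window(addr, len, CSR_PLUG_REGS, CSR_PLUG_REGS_END) ||
            in_window(addr, len, CSR_FCP_COMMAND, CSR_FCP_END) ||
            in_window(addr, len, IIDC_REG_BASE, IIDC_REG_END))
            return NEED_NONE;
        return NEED_SYS_RAWIO;
    }
    return NEED_SYS_RAWIO; /* unknown op: default to the strongest requirement */
}

/* Apply the policy to the caller's capability set.  The two capabilities
 * are distinct: holding SYS_ADMIN does not grant RAWIO, or vice versa. */
bool request_allowed(enum op op, uint64_t addr, uint32_t len, unsigned caps)
{
    switch (required_cap(op, addr, len)) {
    case NEED_NONE:      return true;
    case NEED_SYS_ADMIN: return (caps & HAS_SYS_ADMIN) != 0;
    case NEED_SYS_RAWIO: return (caps & HAS_SYS_RAWIO) != 0;
    }
    return false;
}

int main(void)
{
    /* Constructed sample requests, evaluated for an unprivileged caller. */
    struct { const char *what; enum op op; uint64_t addr; uint32_t len; } demo[] = {
        { "iso stream",            OP_ISO,   0,                      0   },
        { "read Config ROM",       OP_READ,  CSR_CONFIG_ROM,         4   },
        { "write FCP command",     OP_WRITE, CSR_FCP_COMMAND,        512 },
        { "lock oPCR[0]",          OP_LOCK,  CSR_PLUG_REGS + 0x4,    4   },
        { "read straddling ROM",   OP_READ,  CSR_CONFIG_ROM_END - 2, 4   },
        { "read arbitrary memory", OP_READ,  0x1000,                 4   },
        { "ARM registration",      OP_ARM,   0,                      0   },
    };
    for (size_t i = 0; i < sizeof demo / sizeof demo[0]; i++)
        printf("%-22s -> %s\n", demo[i].what,
               request_allowed(demo[i].op, demo[i].addr, demo[i].len, 0)
                   ? "allowed unprivileged" : "needs capability");
    return 0;
}
```

The point the model makes visible is the one the message relies on: the decision is keyed to the address window and the operation type, not to which device file was opened, so the same check would apply whether the addresses come from an application or from an in-kernel protocol library acting as its proxy.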