Vaio eeprom security issue

Greg KH greg at kroah.com
Sat Aug 9 01:09:53 CEST 2003


On Thu, Aug 07, 2003 at 12:05:01PM +0200, Jean Delvare wrote:
> 
> > On Wed, Aug 06, 2003 at 11:36:17PM +0200, Jean Delvare wrote:
> > > 
> > > 3* Define a security policy for that password issue. I think we
> > > simply should disable the Vaio EEPROM in the eeprom module if we
> > > find there is a password set. It could be forced using the
> > > force_eeprom module parameter (or should we define another module
> > > parameter?) Another possibility is to hide that particular field
> > > instead, but I'm not sure it's worth the work.
> > 
> > How about only allowing root (or the proper CAP_* value) to read this
> > value.  I imagine it would be useful for some people to get access to
> > this for legimate reasons.
> 
> I'm not sure I get what you mean there (what are these CAP_* values?).

Different capability permission values.  Look in
include/linux/capability.h for more information.  It's more fine grained
than just "root".

Hope this helps,

greg k-h



More information about the lm-sensors mailing list