Re: What operations in store_parsed_open() need the privilege?

[Da Zheng]

Thomas Bushnell BSG wrote:
> On Thu, 2008-08-28 at 08:42 +0200, Neal H. Walfield wrote:
>   
> > At Wed, 27 Aug 2008 15:05:59 -0700,
> > Thomas Bushnell BSG wrote:
> >     
> > > On Wed, 2008-08-27 at 23:32 +0200, Da Zheng wrote:
> > >       
> > > > I know boot fails and gets EPERM when it calls store_parsed_open, but I 
> > > > need to know what operations inside store_parsed_open() fail. Otherwise, 
> > > > I don't know how to fix it.
> > > >         
> > > Boot assumes that it is run as root, and assumes that quite thoroughly.
> > > You need to have boot simply not even *try* to open such a device.
> > >       
> > I don't understand why boot should somehow override the user in this
> > regard.  It is perfectly legitimate, I think, to give a non-root user
> > access to, e.g., /dev/hda1.  In that case, why should boot not even
> > try to open the device?
> >     
>
> Yes, I think of course you're right.
>   
If the non-user can access /dev/hda1, it means he can operate the hda1 
device directly without the help of the file system.
Is the user really allowed to do it? In Linux or other Unix, this kind 
of operation is forbidden, I think.

Zheng Da