security problems with newer ata disks.

Philipp Tölke philipptoelke at web.de
Sat Apr 2 07:21:29 PST 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Stephan wrote:
> if u do an
> hdparm -I
> on your device you can see if that drive could get passworded or not.
> 
> they will soon provide a patch for hdparm, so the drive security can be
> freezed at startup.

I read it in the magazine (dead tree form). I have now patched my hdparm
and put an "/sbin/hdparm -F /dev/hde" in my udev-bootscript (so it is
executed as soon as the file "/dev/hde" is created).

It all works fine so long...

But I don't think that's really a high-class security-hole - an attacker
needs root-permissions - and nobody should ever get them...

Cheers,
- --
Philipp Tölke

For those of you without hope, we have rooms
with color TV, cable, and air conditioning.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFCTrh53pjW15ah/noRAnpQAJ47881HUPB2j7jsxxE1wABs+Hq0OACfTPTM
svZGTbFUMajpWx0IYQyJOO0=
=Jlj0
-----END PGP SIGNATURE-----



More information about the lfs-security mailing list