Re: ethtool documentation

Richard B. Johnson (root@chaos.analogic.com)
Wed, 7 Aug 2002 07:18:17 -0400 (EDT)


On Tue, 6 Aug 2002, Dax Kelson wrote:

> On Tue, 6 Aug 2002, Richard B. Johnson wrote:
>
> > If you let a user write to this area, you will allow the user
> > to destroy the connectivity on a LAN.
> >
> > Because of this, there is no such thing as 'unused eeprom space' in
> > the Ethernet Controllers. Be careful about putting this weapon in
> > the hands of the 'public'. All you need is for one Linux Machine
> > on a LAN to end up with the same IEEE Station Address as another
> > on that LAN and connectivity to everything on that segment will
> > stop. You do this once at an important site and Linux will get a
> > very black eye.
>
> Dick, this "weapon" has been the in the hands of admins and evil-doers for
> YEARS!
>
> It is called /sbin/ifconfig
>
> With this evil command nearly any NIC can masquerade as any one of
> ~281474976710656 possible IEEE Station Addresses. This weapon of
> destruction has seen wide spread proliferation across most Unix varients.
> Human sacrifice, dogs and cats living together, mass hysteria!
>
> Err, no wait.
>
> The sky is not falling, you protest too much.
>
> Dax Kelson
>

That capability is not permanent. If you let users write to the
SEEPROM, permanently changing the IEEE Station Address, you have
let users permanently break their network boards. I do protest
when this capability is in the kernel.

Anybody, who knows how can, write a driver that can destroy their
disk drives, their modems, their audio boards, their screen-cards,
their motherboards, ...the list goes on..., because EEPROMS are
being used now days. But, you don't put that capability in the
kernel as a default.

If you do, you get complaints from those who have had the misfortune of
being interrogated by lawyers.

Also, if you want to destroy Ethernet, mucking with the MAC address
is an easy way to do it.

Cheers,
Dick Johnson
Penguin : Linux version 2.4.18 on an i686 machine (797.90 BogoMips).
The US military has given us many words, FUBAR, SNAFU, now ENRON.
Yes, top management were graduates of West Point and Annapolis.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/