Does hdparm need r/w access for all of its tasks?
I.e. If I place a 'login'(uid) into a group "disk", then set all
my disks to be 'owned' by group 'disk', with read-only access,
what features could be available from 'hdparm' if it only opened
the disk device 'read-only' instead of 'read/write'?
I can understand and support needing write access to the device to
change any of its parameters, but just reading params? Does
hdparm need to open the device with "r/w" access to read parameters?
(I've a similar Q regarding the smartmon tools -- I'd just like to
be able to read the temperature without also having to give out permission to reformat the disk (for example)...I know this isn't
the forum for the smartmon tools, but I wanted to give a specific
idea of the usefulness of having a "read-only" access to disk devices)
The low-level kernel interface which hdparm uses, provides a generic way of issuing any random ATA command from userspace. Such commands include the benevolent IDENTIFY (hdparm -I) command, as well as things like FORMAT_DRIVE and WRITE_SECTORS etc..
Thus,l full R/W (and sysadmin) access is a security requirement for this interface.
Log in to post a comment.