Cdrtools-1.10a04 supports Remote SCSI

Cdrtools-1.10a04 supports Remote SCSI

Post by Joerg Schilli » Wed, 13 Sep 2000 01:06:16



The latest cdrtools alpha, located on

        ftp://ftp.fokus.gmd.de/pub/unix/cdrecord/alpha/

Now supports a Remote SCSI (SCSI Anywhere) protocol.

This protocol allows you to access a remote SCSI drive. It allows
e.g. small workgroups to share one CD-writer in a way that does not
clobber the local memory (real RAM) by the writing process. The
"owner" of the machine that hosts the drive should be able to work
with no problems while a remote burn is running.

I am interested in opinions and experiences about the new protocol.
I am also interested to hear if somebody sees security problems
in the current implementaion.

--



URL:  http://www.fokus.gmd.de/usr/schilling    ftp://ftp.fokus.gmd.de/pub/unix

 
 
 

Cdrtools-1.10a04 supports Remote SCSI

Post by Roland Main » Wed, 13 Sep 2000 02:40:38



> The latest cdrtools alpha, located on

>         ftp://ftp.fokus.gmd.de/pub/unix/cdrecord/alpha/

> Now supports a Remote SCSI (SCSI Anywhere) protocol.

> This protocol allows you to access a remote SCSI drive. It allows
> e.g. small workgroups to share one CD-writer in a way that does not
> clobber the local memory (real RAM) by the writing process. The
> "owner" of the machine that hosts the drive should be able to work
> with no problems while a remote burn is running.

> I am interested in opinions and experiences about the new protocol.
> I am also interested to hear if somebody sees security problems
> in the current implementaion.

Nice :-)

Ideas:
- What about RBAC (Role-Based Access Control, Solaris 2.8/Trusted
Solaris) support ?
- Is there a way to gurantee network bandwidth (I'm still little bit
afraid that the data stream to the cd recorder may be interrupted by
another network application) for the SCSI device ?
- What about a kernel module for rscsi ?

... and the reverse idea:
Long long agoi there was a product which converted SBUS-SCSI-controllers
into network adapters (e.g. network over SCSI).
Does anyone know if this is possible with the current Symbios PCI host
adapters sold by Sun (would require the change of the host adapter scsi
ID...)...

----

Bye,
Roland

--
  __ .  . __


  /O /==\ O\  MPEG specialist, C&&JAVA&&Sun&&Unix programmer
 (;O/ \/ \O;) TEL +49 641 99-13193 FAX +49 641 99-41359

 
 
 

Cdrtools-1.10a04 supports Remote SCSI

Post by Joerg Schilli » Wed, 13 Sep 2000 06:45:14





>> The latest cdrtools alpha, located on

>>         ftp://ftp.fokus.gmd.de/pub/unix/cdrecord/alpha/

>> Now supports a Remote SCSI (SCSI Anywhere) protocol.

>> This protocol allows you to access a remote SCSI drive. It allows
>> e.g. small workgroups to share one CD-writer in a way that does not
>> clobber the local memory (real RAM) by the writing process. The
>> "owner" of the machine that hosts the drive should be able to work
>> with no problems while a remote burn is running.

>> I am interested in opinions and experiences about the new protocol.
>> I am also interested to hear if somebody sees security problems
>> in the current implementaion.

>Nice :-)

>Ideas:
>- What about RBAC (Role-Based Access Control, Solaris 2.8/Trusted
>Solaris) support ?

Sorry, I did not yet have any access to Trusted Solaris.
I have no idea.

Quote:>- Is there a way to gurantee network bandwidth (I'm still little bit
>afraid that the data stream to the cd recorder may be interrupted by
>another network application) for the SCSI device ?

1)      I got 9900 KB/s between two U-10 Running S8
2)      There is BURN-Proof

Quote:>- What about a kernel module for rscsi ?

It is just modelled after 'rmt'

In fact, rscsi.c is based on rmt.c which I created for star-1.3
        ftp://ftp.fokus.gmd.de/pub/unix/star/alpha

The rmt.c project was started 1994 and retired about a month ago,
I finished it with the following features:

        -       100 % compatible with Sun rmt

        -       20-40% faster than Sun rmt

Based on this new code, I created rscsi.

--



URL:  http://www.fokus.gmd.de/usr/schilling    ftp://ftp.fokus.gmd.de/pub/unix

 
 
 

Cdrtools-1.10a04 supports Remote SCSI

Post by Erik Hovla » Wed, 13 Sep 2000 07:07:50


| >Ideas:
| >- What about RBAC (Role-Based Access Control, Solaris 2.8/Trusted
| >Solaris) support ?
|
| Sorry, I did not yet have any access to Trusted Solaris.
| I have no idea.

I think he is refering to the fact that solaris 8, 6/00 includes rbac.
Been a couple of good articles about it lately:
http://www.securityfocus.com/focus/sun/articles/rbac1.html
http://www.securityfocus.com/focus/sun/articles/rbac2.html

E

--
Erik Hovland
Member of Technical Staff, Interferometer Section - 383

I speak for myself not JPL.

 
 
 

Cdrtools-1.10a04 supports Remote SCSI

Post by Roland Main » Thu, 14 Sep 2000 04:26:40


[remote SCSI]

Quote:> >- What about RBAC (Role-Based Access Control, Solaris 2.8/Trusted
> >Solaris) support ?

> Sorry, I did not yet have any access to Trusted Solaris.
> I have no idea.

The feature was added to Solaris in 2.8
See rbac(5) or

Quote:> >- Is there a way to gurantee network bandwidth (I'm still little bit
> >afraid that the data stream to the cd recorder may be interrupted by
> >another network application) for the SCSI device ?

> 1)      I got 9900 KB/s between two U-10 Running S8

Which kind of network (10baseT, 100baseT) ?

Quote:> 2)      There is BURN-Proof

Uhm... what is BURN-Proof !?

Quote:> >- What about a kernel module for rscsi ?

> It is just modelled after 'rmt'

> In fact, rscsi.c is based on rmt.c which I created for star-1.3
>         ftp://ftp.fokus.gmd.de/pub/unix/star/alpha

> The rmt.c project was started 1994 and retired about a month ago,
> I finished it with the following features:

>         -       100 % compatible with Sun rmt

>         -       20-40% faster than Sun rmt

> Based on this new code, I created rscsi.

After visiting rmt(1M)... this means that rexec must be enabled in
/etc/inet/inetd.conf ? What about using a better/stronger
authentification ?

----

Bye,
Roland

--
  __ .  . __


  /O /==\ O\  MPEG specialist, C&&JAVA&&Sun&&Unix programmer
 (;O/ \/ \O;) TEL +49 641 99-13193 FAX +49 641 99-41359

 
 
 

Cdrtools-1.10a04 supports Remote SCSI

Post by Joerg Schilli » Thu, 14 Sep 2000 07:25:02





>[remote SCSI]
>> >- What about RBAC (Role-Based Access Control, Solaris 2.8/Trusted
>> >Solaris) support ?

>> Sorry, I did not yet have any access to Trusted Solaris.
>> I have no idea.

>The feature was added to Solaris in 2.8
>See rbac(5) or


Thank you for the hint, it seems tha I missed this....

Quote:>> >- Is there a way to gurantee network bandwidth (I'm still little bit
>> >afraid that the data stream to the cd recorder may be interrupted by
>> >another network application) for the SCSI device ?

>> 1)      I got 9900 KB/s between two U-10 Running S8

>Which kind of network (10baseT, 100baseT) ?

10BaseT ??? Are you joking? Of course 100MB

Quote:

>> 2)      There is BURN-Proof

>Uhm... what is BURN-Proof !?

Buffer UnderRuN Proof A Sanyo Patent that allows a CD-writer to stop
recording and resume it without creating a broken media.

I currently own 3 drives which support BURN-Proof:

        -       Sanyo BP-2
        -       Plextor PX-W121032
        -       Sanyo CRD-BP1300P

Quote:>> >- What about a kernel module for rscsi ?

>> It is just modelled after 'rmt'

>> In fact, rscsi.c is based on rmt.c which I created for star-1.3
>>         ftp://ftp.fokus.gmd.de/pub/unix/star/alpha

>> The rmt.c project was started 1994 and retired about a month ago,
>> I finished it with the following features:

>>         -       100 % compatible with Sun rmt

>>         -       20-40% faster than Sun rmt

>> Based on this new code, I created rscsi.

>After visiting rmt(1M)... this means that rexec must be enabled in
>/etc/inet/inetd.conf ? What about using a better/stronger
>authentification ?

So rmt(1M) is wrong? ... no, you just missunderstood it.
You may call it via rcmd but I would not recommend to to it.

rmt and rscsi work with rsh

rmt from the star package allow much better security checks than the rmt
implementation foun on Solaris (and will get additional checks via /etc/default/rmt
in future)

rscsi already implements special security checks defined in /etc/default/rscsi

Just read the Announcement file for cdrecord-1.10a04 to see
how the security features work.

--



URL:  http://www.fokus.gmd.de/usr/schilling    ftp://ftp.fokus.gmd.de/pub/unix

 
 
 

Cdrtools-1.10a04 supports Remote SCSI

Post by Roland Main » Thu, 14 Sep 2000 10:18:11


[remote SCSI]

Quote:> >> >- Is there a way to gurantee network bandwidth (I'm still little bit
> >> >afraid that the data stream to the cd recorder may be interrupted by
> >> >another network application) for the SCSI device ?

> >> 1)      I got 9900 KB/s between two U-10 Running S8

> >Which kind of network (10baseT, 100baseT) ?

> 10BaseT ??? Are you joking? Of course 100MB

This wasn't a joke. Some poor universities here in germany are still
using 10base2. Painfull and a shame - but that's the reality...

Quote:> >Uhm... what is BURN-Proof !?

> Buffer UnderRuN Proof A Sanyo Patent that allows a CD-writer to stop
> recording and resume it without creating a broken media.

> I currently own 3 drives which support BURN-Proof:

>         -       Sanyo BP-2
>         -       Plextor PX-W121032
>         -       Sanyo CRD-BP1300P

Nice :-) Any TEAC drivers which supports this ?

[snip]

Quote:> >After visiting rmt(1M)... this means that rexec must be enabled in
> >/etc/inet/inetd.conf ? What about using a better/stronger
> >authentification ?
[snip]
> Just read the Announcement file for cdrecord-1.10a04 to see
> how the security features work.

Thanks !

----

Bye,
Roland

--
  __ .  . __


  /O /==\ O\  MPEG specialist, C&&JAVA&&Sun&&Unix programmer
 (;O/ \/ \O;) TEL +49 641 99-13193 FAX +49 641 99-41359

 
 
 

Cdrtools-1.10a04 supports Remote SCSI

Post by Joerg Schilli » Thu, 14 Sep 2000 18:46:41





>[remote SCSI]
>> >> >- Is there a way to gurantee network bandwidth (I'm still little bit
>> >> >afraid that the data stream to the cd recorder may be interrupted by
>> >> >another network application) for the SCSI device ?

>> >> 1)      I got 9900 KB/s between two U-10 Running S8

>> >Which kind of network (10baseT, 100baseT) ?

>> 10BaseT ??? Are you joking? Of course 100MB

>This wasn't a joke. Some poor universities here in germany are still
>using 10base2. Painfull and a shame - but that's the reality...

With 10-MB/s you should be able to do 4x CD-writing over the network.

Quote:>> >Uhm... what is BURN-Proof !?

>> Buffer UnderRuN Proof A Sanyo Patent that allows a CD-writer to stop
>> recording and resume it without creating a broken media.

>> I currently own 3 drives which support BURN-Proof:

>>         -       Sanyo BP-2
>>         -       Plextor PX-W121032
>>         -       Sanyo CRD-BP1300P

>Nice :-) Any TEAC drivers which supports this ?

TEAC makes their own chipsets for CD-writers. I have not heard about
a similar new feature in TEAC drives. Yamaha plans do develop something
similar but (afaik not with the same features).

Quote:>> >After visiting rmt(1M)... this means that rexec must be enabled in
>> >/etc/inet/inetd.conf ? What about using a better/stronger
>> >authentification ?
>[snip]
>> Just read the Announcement file for cdrecord-1.10a04 to see
>> how the security features work.

>Thanks !

If somebody finds a real security problem, please let me know...

--



URL:  http://www.fokus.gmd.de/usr/schilling    ftp://ftp.fokus.gmd.de/pub/unix

 
 
 

1. Cdrtools-1.9a03 ready

Cdrtools-1.9a03 has just been released.

The main difference for Solaris users is that libscg
now provides a fallback solution from the SCG driver to
the Sun USCSI interface.

This should allow to use ATAPI drives on Solaris 8 sparc
too although there is still an implementation bug in the
Solaris IDE driver that prevents clean SCSI drives to send
SCSI commands to IDE targets. Note that is seems that
Solaris 8 x86 does not have this bug anymore.

Other new features:

-       C2 error scan

-       First support for 99 minute CD-R blank media.

For a complete list of changes see:

        ftp://ftp.fokus.gmd.de/pub/unix/cdrecord/alpha/AN-1.9a03

Download all from:

        ftp://ftp.fokus.gmd.de/pub/unix/cdrecord/alpha/

--



URL:  http://www.fokus.gmd.de/usr/schilling    ftp://ftp.fokus.gmd.de/pub/unix

2. How do I break bsh from a named pipe that stopped reading?

3. cdrtools-1.10 compiles with ccc

4. fvwm

5. linuxppc 2.2.17 / cdrecord 1.10a04 - scsi device MADNESS!

6. Q:Incorrect terminal emulation under CDE

7. Cdrtools-1.8final released

8. Exporting drives to Win95

9. cdrtools-1.8.1 released

10. Re. AIX support for remote tape units Re: AIX support for remote tape units

11. cdrtools now with UDF support

12. cdrtools/mkisofs now supports Solaris x86 boot CDs

13. cdrtools-2.01a24 supports SUID root on Solaris 9