Re: 2.6.8.1 Mis-detect CRDW as CDROM

[Marc Ballarin]

On Tue, 17 Aug 2004 08:32:41 +0200
Frank Steiner <fsteiner-mail@xxxxxxxxxxxxxx> wrote:

> So what's the target in this process? Should users finally be able to
> write cds again without or only with suid bit set? It would be good to
> know if I should try to set all cd writing applications suid or just
> have to wait for some patches coming up that would allow users to
> write cds without suid again...
> 
> If the programs must be set suid, is that safe? In the past I was
> always told that setting e.g. cdrecord suid was a possible security
> issue.

An unpatched cdrecord does not use root privileges to access devices. It
increases its priority, locks memory and drops privileges before doing
anything else. According to its author, cdrecord is designed for this mode
of operation. I don't know if the same is true for growisofs and other
tools.
suid has no effect on the issue at hand (provided cdrecord has not
been modified), it only serves to increase burning reliability.

Regards
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/