Re: Access rights with growisofs

To: cdwrite@other.debian.org
Subject: Re: Access rights with growisofs
From: scdbackup@gmx.net
Date: Tue, 13 Jul 2004 09:18:53 +0200
Message-id: <[🔎] 20040713072018.61B28EF4C@murphy.debian.org>

> > However, Andy wrote in his man page for growisofs in
> > dvd+rw-tools-5.19.4.9.7 that 
> > "If executed under sudo(8) growisofs refuses to start."
> > ...
> > And there is the answer to my question.  Andy is rightly concerned
> > that running growisofs under sudo allows any user with sudo privilege
> > read access to any file in the file system, as well as the right to
> > execute program of their choice with elevated privileges.
> 
> IMHO, this is a dumb argument.  Whether or not sudo is properly
> understood, configured or used is not growisofs's problem.

If i get both, Andy and Joerg, right, then they are concerned
about the fact that you cannot configure sudo properly enough
to close all potential security holes within their programs 
(e.g. environment variables which may cause arbitrary programs to
get started with the privileges granted by sudo).

Both clearly advise to use setuid rather than sudo.


Have a nice day :)

Thomas

Reply to:

Follow-Ups:
- Re: Access rights with growisofs
  - From: Jacob Meuser <jakemsr@jakemsr.com>

Prev by Date: Re: Access rights with growisofs
Next by Date: Re: Access rights with growisofs
Previous by thread: Re: Access rights with growisofs
Next by thread: Re: Access rights with growisofs
Index(es):
- Date
- Thread