
Re: Linux 2.6.8.1 requires changes to cdrecord (and probably every other CD/DVD writing app)



>From: Andreas Metzler <ametzler@logic.univie.ac.at>

>I do not think that is the case, because it would break _lots_
>of stuff, the problem seems to be that cdrecord drops privileges it
>needs to access the hardware.

Wrong: cdrtools handle privileges the way you get highest security.
For this reason, cdrecord drops all privileges as soon as possible if 
possible.

If Linux suddenly changes known behavior, this is a Linux kernel bug.

>> However, in case that they tried to implement similar security
>> enhancements as Sun did starting with Solaris 9, then libscg would
>> need the same modification as it needed on Solaris (switching
>> to/from root bracketing each SCSI command).

>That sounds much more probable.

If this is the case, then it is a fault of the Linux kernel designers.
They should have written a mail to the most important 'users'.
If they did, then cdrtools would have integrated a smooth migration path.

As they did not, it needs to be called a Linux kernel bug that should 
_immediately_ be fixed.

If they then inform the important users, they may retry this change in 2-4 
months.

>>> Cdrecord needs to keep CAP_SYS_RAWIO.
> 
>> Could you explain this? It is not mentioned in the list of mails you sent.

>Linux(iirc since 2.2) supports a finer grained permission model than
>switching UID, POSIX capabilities[1]. Instead of "switching to/from
>root bracketing each SCSI command" you'd simply retain the necessary
>capability, CAP_SYS_RAWIO.
>          cu andreas

If Linux has this, why is there no documentation?
Why are there no man pages for the Linux Kernel at all?

I spend a lot of my time documenting what I did.

If the Linux Kernel people would start to document their hacks, they would get a
chance to understand what they did and could even understand what interfaces 
are. Knowing what an interface is helps to design interfaces in a way that keeps
them stable.


>[1] It is not part of IEEE Std 1003.1. I gather from
>http://wt.xpilot.org/publications/posix.1e/ that the gremium has given
>up on standardizing it.

I don't see anything but ACLs here.

Solaris 10 has a clean documentation for getppriv(2)/setppriv(2)

http://docs.sun.com/db/doc/816-5167/6mbb2jaeu?a=expand

Fine grained privs make sense as they allow e.g. star on Solaris 10 to
run backups without the need to be root.

There are privs to mount a fs, to read all local files and to keep the atime.

Jörg

-- 
 EMail:joerg@schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin
       js@cs.tu-berlin.de		(uni)  If you don't have iso-8859-1
       schilling@fokus.fraunhofer.de	(work) chars I am J"org Schilling
 URL:  http://www.fokus.fraunhofer.de/usr/schilling ftp://ftp.berlios.de/pub/schily


