Re: cdrtools-2.01a37 ready
On Fri, Aug 20, 2004 at 08:10:12AM +0200, scdbackup@gmx.net wrote:
> Volker Kuhlmann>
> > Let's not forget that there are 2 separate changes SuSE makes: the DVD
> > addons (daft, and I've told them so),
>
> About that i don't care much.
> growisofs covers all my DVD needs.
>
> I understand, though, that these DVD "addons" are an
> unfriendly gesture towards the only person who
> provides CD burning on Linux and several other OSs.
>
> I mean, if one wants to show Joerg the middle finger
> then please not by constantly forking his alpha
> versions but by bringing a decent Unix style write
> device for data CD into the standard kernel
> - just for an example.
>
>
> > the SuSE security team (who have a bigger reputation to lose)
>
> There is a security team with SuSE ? (chuckle)
>
> Well, at least somebody must be in charge to write
> advisories like this one :
>
> Announcement-ID: SuSE-SA:2004:011
> Date: Thursday, May 6th 2004 22:30 MEST
> Affected products: SUSE LINUX 9.1 Personal Edition Live CD
> Vulnerability Type: remote root access
> Severity (1-10): 8
> SuSE default package: yes
> http://www.linuxsecurity.com/advisories/suse_advisory-4305.html
>
> In that light and if i have to choose ...
> ... i'll bet on Joerg. :))
really? the bug in 2.0 was only exploitable if suid. I don't
know why people in this day and age still want to allow any
user to run any amount of code with root privileges. face
it, all software sucks; eventualy you will make a mistake.
why put yourself at risk?
>
> > and the removal of the suid requirement.
>
> Exactly with that, SuSE 9.0 failed.
> I would not call it "removal of the suid requirement"
> if it does not work for normal users with or without
> suid.
> You take an old version from SuSE 7.2 and all is well.
>
> My software is a parasite on cdrtools and growisofs.
> I am strongly interested in a low percentage of
> non-working installations of both. The cdrtools hacks
> produce a substantial amount of those, i can assure
> you.
>
>
> > Compiles OOTB on 9.1
>
> Compiler problems come and go with versions of cdrecord
> and Linux.
> For a while i could safely point towards the distribution
> binaries. But meanwhile i can only wish good luck.
>
>
> Have a nice day :)
>
> Thomas
>
>
> --
> To UNSUBSCRIBE, email to cdwrite-REQUEST@other.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@other.debian.org
Reply to: