
Re: cdrtools-2.01a37 ready



On Fri, Aug 20, 2004 at 08:10:12AM +0200, scdbackup@gmx.net wrote:
> Volker Kuhlmann>
> > Let's not forget that there are 2 separate changes SuSE makes: the DVD
> > addons (daft, and I've told them so),
> 
> About that I don't care much.
> growisofs covers all my DVD needs.
> 
> I understand, though, that these DVD "addons" are an
> unfriendly gesture towards the only person who
> provides CD burning on Linux and several other OSs.
> 
> I mean, if one wants to show Joerg the middle finger
> then please not by constantly forking his alpha
> versions but by bringing a decent Unix style write
> device for data CD into the standard kernel 
> - just for an example. 
> 
> 
> > the SuSE security team (who have a bigger reputation to lose)
> 
> There is a security team with SuSE ? (chuckle)
> 
> Well, at least somebody must be in charge to write 
> advisories like this one :
> 
> Announcement-ID:        SuSE-SA:2004:011
> Date:                   Thursday, May 6th 2004 22:30 MEST
> Affected products:      SUSE LINUX 9.1 Personal Edition Live CD
> Vulnerability Type:     remote root access
> Severity (1-10):        8
> SuSE default package:   yes
> http://www.linuxsecurity.com/advisories/suse_advisory-4305.html
> 
> In that light and if I have to choose ...
> ... I'll bet on Joerg. :))

really?  the bug in 2.0 was only exploitable if suid.  I don't
know why people in this day and age still want to allow any
user to run any amount of code with root privileges.  face
it, all software sucks; eventually you will make a mistake.
why put yourself at risk?

> 
> > and the removal of the suid requirement. 
> 
> Exactly with that, SuSE 9.0 failed. 
> I would not call it "removal of the suid requirement"
> if it does not work for normal users with or without
> suid.
> You take an old version from SuSE 7.2 and all is well.
> 
> My software is a parasite on cdrtools and growisofs.
> I am strongly interested in a low percentage of
> non-working installations of both. The cdrtools hacks
> produce a substantial amount of those, I can assure
> you.
> 
> 
> > Compiles OOTB on 9.1 
> 
> Compiler problems come and go with versions of cdrecord
> and Linux. 
> For a while I could safely point towards the distribution
> binaries. But meanwhile I can only wish good luck.
> 
> 
> Have a nice day :)
> 
> Thomas
> 
> 


