[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Access rights with growisofs

On Thu, Jul 15, 2004 at 02:25:42PM +0200, Andy Polyakov wrote:
> >There is a very big difference between suggesting in documentation and
> >breaking in code.
> 
> I'm sorry that I have seen one too many user/system administrator 
> effectively disregarding security while pursuing every-day practical 
> problems. Yes, administrators might be aware of the fact that it might 
> be not such a good idea to let sudoers run e.g. more(1). It might stand 
> explained in some manual or tutorial. But the point is that growisofs 
> are not mentioned in those manuals or tutorials and vast majority of 
> administrators won't even bother to check if it's appropriate to run it 
> under sudo directly. Therefore I figured an explicit reminder is due. 
> Those two or three users who would consider such code broken have the 
> power to remove few lines in the beginning of main() procedure in 
> growisofs.c, don't they? And OK! Latest update makes it easier to make 
> such decision at build time by issuing 'make 
> WARN=-DI_KNOW_ALL_ABOUT_SUDO' command:-). Cheers. A.

'Tis a good solution ;)

-- 
<jakemsr@jakemsr.com>
Reply to: