Re: Why burnfree is off by default?

[Joerg Schilling <schilling@fokus.fraunhofer.de>]

Matthias Andree <matthias.andree@gmx.de> wrote:

> Joerg Schilling <schilling@fokus.fraunhofer.de> writes:
>
> > Nowadays, where there is Burnproof, people complain about coasters because
> > they listen to incompetent people who tell others _not_ to run cdrecord 
> > in a way on Linux that allows cdrecord to lock in core and to raise priority.
> > As a result, people get coasters :-(
>
> This needs to be differentiated a bit. Locking pages into memory and
> requesting real-time scheduler properties are privileged operations, and
> as such, it becomes a question of trust. Do I trust that the one-man
> show Jörg Schilling gets every tiny bit right so that privileges (in
> set-uid mode) are reliably dropped early enough, that there are no
> backdoors someone could exploit to escalate his rights?

Cdrecord is now 10 years old. It did have 3 privillege problems so far and all
have been fixed in less than a day.

If Linux would offer similar stability as cdrecord and would be as trustworthy
as cdrecord, I could trust Linux.

Please tell me why people trust in something like Linux but don't do for
stable software like cdrecord?

Jörg

-- 
 EMail:joerg@schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin
       js@cs.tu-berlin.de		(uni)  
       schilling@fokus.fraunhofer.de	(work) Blog: http://schily.blogspot.com/
 URL:  http://cdrecord.berlios.de/old/private/ ftp://ftp.berlios.de/pub/schily