[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: "logical unit communication failure" c2scan NEC ND-4550A 1.07

scdbackup@gmx.net wrote:

> > > I am looking since quite a while for the particular
> > > and substantial security problems which one is said
> > > to have if one allows w-access to a CD/DVD writer.
> > Matthias Andree wrote: 
> > As far as I understand Jörg, vendor-specific commands are often involved
> > in CD writing, and if they are filtered out, CD writing may not work
> > with certain devices -- this is the central point of his criticism.
> I understand this puts my 60 Euro burner at risk
> if i allow w-access. (It is also at risk if i allow
> physical access with a few drops of Loctite.)

THe bug in the linux kernel was to allow _any_ commands even if only
_read_ access was present.

Instead of fixing this, Linus did change the interface in an incompatible way.

> The setuid privileges demand w-rights ?

NO, with a suid-root installation you can make cdrecord and Linux
more secure than by chmod +w /dev/*


 EMail:joerg@schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin
       js@cs.tu-berlin.de                (uni)  
       schilling@fokus.fraunhofer.de     (work) Blog: http://schily.blogspot.com/
 URL:  http://cdrecord.berlios.de/old/private/ ftp://ftp.berlios.de/pub/schily

Reply to: