Re: "logical unit communication failure" c2scan NEC ND-4550A 1.07
scdbackup@gmx.net wrote:
> > > I am looking since quite a while for the particular
> > > and substantial security problems which one is said
> > > to have if one allows w-access to a CD/DVD writer.
> > Matthias Andree wrote:
> > As far as I understand Jörg, vendor-specific commands are often involved
> > in CD writing, and if they are filtered out, CD writing may not work
> > with certain devices -- this is the central point of his criticism.
>
> I understand this puts my 60 Euro burner at risk
> if i allow w-access. (It is also at risk if i allow
> physical access with a few drops of Loctite.)
THe bug in the linux kernel was to allow _any_ commands even if only
_read_ access was present.
Instead of fixing this, Linus did change the interface in an incompatible way.
> The setuid privileges demand w-rights ?
NO, with a suid-root installation you can make cdrecord and Linux
more secure than by chmod +w /dev/*
Jörg
--
EMail:joerg@schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin
js@cs.tu-berlin.de (uni)
schilling@fokus.fraunhofer.de (work) Blog: http://schily.blogspot.com/
URL: http://cdrecord.berlios.de/old/private/ ftp://ftp.berlios.de/pub/schily
Reply to: