[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: cdrtools cdrecord/cdrecord.c

Steve McIntyre <steve@einval.com> writes:

> 18_donotopen_hda.dpatch:
>     dev=ATA:1,0,0 uselessly opens /dev/hda, breaking non-root
>     access. See #228215

Jörg doesn't consider this a bug, we've had this discussion a few days
ago. "If you have proper access permission to write, opening /dev/hda is
not a problem, and if you can access /dev/hdc without privileges, you
got a security problem".

Makes me wonder about set-group-id flag then, the little sibling of
set-user-id.

-- 
Matthias Andree
Reply to: