Re: cdrdao / ide-scsi problem
On Fri, 4 Apr 2003 20:20, Paul Johnson wrote:
> On Fri, Apr 04, 2003 at 04:42:17AM +1000, bob parker wrote:
> > Using a setuid root program (sudo) to avoid having cdrecord or cdrdao set
> > up as setuid root just does not any sense to me at all.
> Well, sudo can be used as a means of authentication to limit it to
> just trusted users. But for CD burning, I don't see the point.
The point is that cdrdao requires root priveledge to run, period.
So far as I can tell there is no difference in risk whether it gets root
priveledge by being run with sudo, su root and run it, or being setuid root.
To be sure you can can control access to the program using sudo, just as you
can using group membership etc.
Check the beginning of the thread to see how it got here.