[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: cdrdao / ide-scsi problem

On Fri, 4 Apr 2003 20:20, Paul Johnson wrote:
> On Fri, Apr 04, 2003 at 04:42:17AM +1000, bob parker wrote:
> > Using a setuid root program (sudo) to avoid having cdrecord or cdrdao set
> > up as setuid root just does not any sense to me at all.
> Well, sudo can be used as a means of authentication to limit it to
> just trusted users.  But for CD burning, I don't see the point.

The point is that cdrdao requires root priveledge to run, period.
So far as I can tell there is no difference in risk whether it gets root 
priveledge by being run with sudo, su root and run it, or being setuid root.

To be sure you can can control access to the program using sudo, just as you 
can using group membership etc.

Check the beginning of the thread to see how it got here.

Reply to: