Benedict Verheyen wrote:
2. In case of cd writing, you can set the SUID of cdrecord and related programs or you can use sudo. Only problem with sudo is that the user has to type sudo in front of the commands.dpkg-reconfigure cdrecord, and then set it suid. Add users to the cdrom group if you want them to be able to burn cds. The only thing is that some people think setting cdrecord suid is a risk.I have never understood why setting cdrecord suid would be a security issue. I mean, i can understand that on a file server for instance one would prefer the sudo method, but on a normal desktop, why wouldn't you use suid? I've always wondered. Benedict
If the machine is isolated behind a firewall, then you probably have nothing to worry about. I think the concern is that cdrecord lets you remotely access the burning device, which could be trouble on a file server as you point out. -Roberto
Attachment:
pgpHbu7gy6B1E.pgp
Description: PGP signature