Re: allowing a "normal" user to work efficiently



On Tue, Oct 21, 2003 at 11:34:52AM -0400, Roberto Sanchez wrote:
> If the machine is isolated behind a firewall, then you probably have
> nothing to worry about.  I think the concern is that cdrecord lets you
> remotely access the burning device, which could be trouble on a file
> server as you point out.

The fear with suid programs is that you might be able to get root access
through a clever hack. Programs have to be very well designed to give up
root privileges or else this is trivial.

For example imagine you make "cat" suid...

Then someone can do:
cat /bin/rm /bin/cat
cat -rf /

Of course the idea with actual suid programs is that they are designed
so as not to allow this kind of thing, but still software isn't always
perfect (bugs, etc.).

Bijan
-- 
Bijan Soleymani <bijan@psq.com>
http://www.crasseux.com
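
The point above about suid programs having to give up root privileges carefully, as an added example that is not part of the original message and not code from cdrecord: a setuid-root helper returning permanently to the invoking user's IDs and checking that root cannot be regained. The function name drop_privileges is an assumption of this example.

```c
/* Added example: permanent privilege drop for a setuid-root helper. */
#include <sys/types.h>
#include <stdio.h>
#include <unistd.h>

/* Permanently give up root and return to the invoking user's real IDs.
 * Returns 0 on success, -1 if a step fails or the drop can be undone.
 * Call it right after the one operation that really needs root. */
int drop_privileges(void)
{
    uid_t ruid = getuid();   /* real uid: the user who ran the program */
    gid_t rgid = getgid();   /* real gid of that user */

    /* Order matters: change the gid first, while we still have the
     * privilege to do so; the uid goes last. Supplementary groups of a
     * setuid program are already the invoking user's own. */
    if (setgid(rgid) != 0)
        return -1;
    if (setuid(ruid) != 0)   /* with euid 0 this also resets the saved uid */
        return -1;

    /* Verify instead of assuming: effective IDs must now match the
     * real ones. */
    if (geteuid() != ruid || getegid() != rgid)
        return -1;

    /* If a saved uid of 0 survived, setuid(0) would succeed and the
     * drop would be reversible. Skip the check when root ran us. */
    if (ruid != 0 && setuid(0) == 0)
        return -1;
    return 0;
}

int main(void)
{
    /* A real helper would open its privileged resource here, then drop. */
    if (drop_privileges() != 0) {
        fprintf(stderr, "could not drop privileges, refusing to continue\n");
        return 1;
    }
    printf("running as uid=%d euid=%d\n", (int)getuid(), (int)geteuid());
    return 0;
}
```

Every return value is checked because a setuid() call that fails silently leaves the rest of the program running as root.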
