[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: cdrecord wihout SUID

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

José Alburquerque wrote:

> My problem is that I'd like cdrecord not to have the SUID set (the 's'
> in '-rwsr-xr--' above).  I'm not sure this is possible, but if it is and
> someone out there knows, I'd really appreciate it!  I'm running testing
> (etch).


Me too etch. With an ATAPI burner.

I fought with this for a while and found the real problem to be permissions
on the /dev file.

On my system, the permissions on the burner (/dev/hdc) are rw for the
group (cdrom) (cdrecord isn't SUID root). Then add vanilla users to the
cdrom group.

If you want to do it without the extra group, just make the burner world
write-able. I don't see how a cracker could get much mileage out of that...

- --
Glenn English
ghe@slsware.com

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFE15b904yQfZbbTLYRAi0GAJ9ApiP5u+guOYYdwWyOicu7ZKa3cgCfbIJ7
edOblwqoL67PbECPMKsNnpg=
=sq8O
-----END PGP SIGNATURE-----
Reply to: