Re: cdrecord wihout SUID
#include <hallo.h>
* Dwayne C. Litzenberger [Mon, Aug 07 2006, 03:16:46PM]:
> On Mon, Aug 07, 2006 at 01:39:43PM -0600, Glenn English wrote:
> >If you want to do it without the extra group, just make the burner world
> >write-able. I don't see how a cracker could get much mileage out of that...
>
> Note, however, that if cdrecord doesn't run SUID root, it can't get
> realtime scheduling priority, so you could run into buffer underruns on a
> slow or heavily-loaded system.
It is not only about priorities. In fact most modern systems are
overpowered for writting tasks especially if burn-free feature is used.
There is a problem with not beeing suid which occurs with certain
cdrtools <-> kernel versions. The upstream author does not support
non-(suid)root usage by principle. There is a patch in the BTS to work
around this problem (bailing out on forbidden "rezero_unit").
Eduard.
Reply to: