On Tue, 8 Aug 2006 16:55:54 -0600
"Dwayne C. Litzenberger" <dlitz@dlitz.net> wrote:
Also be CAREFUL. On my system, /usr/bin/cdrecord is a SHELL SCRIPT, and
SUID-root shell scripts are a big security hole, IIRC. You probably want
to set the permissions on /usr/bin/cdrecord.mmap.
Good points. OTOH, I always thought that suid on shell scripts was
just unsupported (i.e., script is run without extra permissions by the
kernel). Also, this script (and /usr/bin/cdrecord is a script here as
well) it only chooses the proper cdrecord to run, based on the kernel
version (cdrecord.shm for kernels 2.0 & 2.2, and cdrecord.mmap for
others). So the effective permissions are on the cdrecord.mmap
executable.