On Tue, Dec 9, 2008 at 19:46, Allan Gottlieb <[EMAIL PROTECTED]> wrote:
> At Tue, 09 Dec 2008 18:44:21 -0500 Andrey Vul <[EMAIL PROTECTED]> wrote:
>
>> On Tue, Dec 9, 2008 at 17:39, Joerg Schilling
>> <[EMAIL PROTECTED]> wrote:
>>> "Andrey Vul" <[EMAIL PROTECTED]> wrote:
>>>
>>>> On Tue, Dec 9, 2008 at 14:18, Joerg Schilling
>>>> <[EMAIL PROTECTED]> wrote:
>>>>
>>>> >
>>>> > So you installed it suid to an unprivileged user.
>>>> >
>>>> Should I do 'chown root:cdrom' for /dev/hd* or 'chown root:disk' for
>>>> /dev/sg*?
>>>> Which is preferred?
>>>
>>> If you like to make your system inherently insecure, do this!
>>>
>>>> And what is group bin supposed to be for? Apparently /usr/bin/cdrecord
>>>> is suid bin:bin.
>>>
>>> This is wrong as mentioned before.
>>>
>>> I told you to do what's in the cdrecord documentation: Install cdrecord suid
>>> root.
>>>
>>> Just follow my advise...
>>>
>>> Jörg
>>>
>> Unfortunately, the gentoo people say that "cdrkit does it without
>> root, why can't cdrtools?"
>> http://bugs.gentoo.org/show_bug.cgi?id=116026
>
> Joerg believes that cdrkit is not as good as cdrtools (I have used only
> cdrtools and it works well for me).
>
> Debates like this go on for far too long on the list. I think you
> should accept that:
>
> 1. cdrecord needs to be suid root
> 2. joerg is the expert on cdrtools including cdrecord
> 3. If you do not wish to install cdrecord suid root, you can try cdrkit,
> but then you cannot expect joerg to help.
>
> Again, I should say that I have not used cdrkit so am not commenting on
> its quality.
cdrecord (wodim) had support for dev=/dev/hdX. That was its only advantage.
genisoimage filed in comparison to mkisofs.
In short, cdrtools is better.
What are the chances that suid root would be allowed in an ebuild
patch *without* reigniting the cdr{kit,tools} flamewar?
--
Andrey Vul
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing in e-mail?
