On Tue, Dec 9, 2008 at 19:46, Allan Gottlieb <[EMAIL PROTECTED]> wrote: > At Tue, 09 Dec 2008 18:44:21 -0500 Andrey Vul <[EMAIL PROTECTED]> wrote: > >> On Tue, Dec 9, 2008 at 17:39, Joerg Schilling >> <[EMAIL PROTECTED]> wrote: >>> "Andrey Vul" <[EMAIL PROTECTED]> wrote: >>> >>>> On Tue, Dec 9, 2008 at 14:18, Joerg Schilling >>>> <[EMAIL PROTECTED]> wrote: >>>> >>>> > >>>> > So you installed it suid to an unprivileged user. >>>> > >>>> Should I do 'chown root:cdrom' for /dev/hd* or 'chown root:disk' for >>>> /dev/sg*? >>>> Which is preferred? >>> >>> If you like to make your system inherently insecure, do this! >>> >>>> And what is group bin supposed to be for? Apparently /usr/bin/cdrecord >>>> is suid bin:bin. >>> >>> This is wrong as mentioned before. >>> >>> I told you to do what's in the cdrecord documentation: Install cdrecord suid >>> root. >>> >>> Just follow my advise... >>> >>> Jörg >>> >> Unfortunately, the gentoo people say that "cdrkit does it without >> root, why can't cdrtools?" >> http://bugs.gentoo.org/show_bug.cgi?id=116026 > > Joerg believes that cdrkit is not as good as cdrtools (I have used only > cdrtools and it works well for me). > > Debates like this go on for far too long on the list. I think you > should accept that: > > 1. cdrecord needs to be suid root > 2. joerg is the expert on cdrtools including cdrecord > 3. If you do not wish to install cdrecord suid root, you can try cdrkit, > but then you cannot expect joerg to help. > > Again, I should say that I have not used cdrkit so am not commenting on > its quality. cdrecord (wodim) had support for dev=/dev/hdX. That was its only advantage. genisoimage filed in comparison to mkisofs. In short, cdrtools is better.
What are the chances that suid root would be allowed in an ebuild patch *without* reigniting the cdr{kit,tools} flamewar? -- Andrey Vul A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail?