Joerg Schilling <[EMAIL PROTECTED]> writes:

> Nowadays, where there is Burnproof, people complain about coasters because
> they listen to incompetent people who tell others _not_ to run cdrecord
> in a way on Linux that allows cdrecord to lock in core and to raise priority.
> As a result, people get coasters :-(

This needs to be differentiated a bit. Locking pages into memory and requesting real-time scheduler properties are privileged operations, and as such, it becomes a question of trust. Do I trust that the one-man show Jörg Schilling gets every tiny bit right so that privileges (in set-uid mode) are reliably dropped early enough, that there are no backdoors someone could exploit to escalate his rights?

As a systems administrator in an environment with large numbers of untrusted users, I'd rather remove setuid bits and risk that users bitch around about their coasters, rather than give them one more program that might make them r00t one of my machines.

Personally, and some may see this as exaggerated, my trust is diminished if software, for instance, hardcodes ISO-8859-1 output (which looks b0rked on UTF-8 consoles), is full of misspellings in messages and documentation, has inconsistent option parsing, and does not have concise output. There are many really unimportant things wrong, and why would the privileged section of the code have received more attention than other parts? The one tiny thing that allows the exploit is the critical one you'll lose a machine to.

--
Matthias Andree

