Hi,

> > > > I wrote:
> > > > I am looking since quite a while for the particular
> > > > and substantial security problems which one is said
> > > > to have if one allows w-access to a CD/DVD writer.

> > I understand this puts my 60 Euro burner at risk

> Joerg Schilling wrote:
> The bug in the linux kernel was to allow _any_ commands even if only
> _read_ access was present.

This is frightening in general and somewhat appeasing in my special problem. (By telling me that not w-perms was the problem which had to be tackled in a hurry.)

I understood from some of your statements in the past that you expect severe security problems if any user is able to write to the CD/DVD burner. Obviously you have chosen the workloaden way of programming an automated superuser who cannot be fooled by the user. As said, I trust your ability to fight off the vast majority of smart fools. (We should not forget Goedel's Incompleteness and the related Halting Problem when betting on wise automata.)

For cdrskin, nevertheless, I would prefer to go the cheap way: The sysadmin is responsible for who has permission to use the burner, and people can use cdrskin only for burning CD and killing the burner - but not for attacking system integrity.

If there are known tricks to escalate w-permission on /dev/hdc to some more extended privileges (e.g. w-perm on all /dev/hdX) - then I would have to consider a setuid approach. I also would have to reconsider my way of using growisofs.

Up to now, I have learnt some interesting pitfalls and augmented the documentation of scdbackup with advice to mount -o nosuid,nodev. To my luck there was no hard reason, yet, to decide for programming a setuid-safe application.

You would spoil my day by naming such a reason, Joerg. But in the long run I would surely have to be thankful for that.

Have a nice day :)

Thomas
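
The mount -o nosuid,nodev advice mentioned in the message above matters because a user-burned disc can carry setuid binaries or device nodes, which those two options neutralize at mount time. The following audit of a mount table is an added example, not part of the original mail and not code from scdbackup or cdrskin; the function names, device paths and sample mount table are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag optical-media mounts that lack nosuid and/or nodev.

# Reads /proc/mounts-format lines on stdin:
#   device mountpoint fstype options dump pass
# Prints "<mountpoint> missing:<options>" for every iso9660/udf mount
# whose option list does not contain both nosuid and nodev.
audit_optical_mounts() {
    awk '
        $3 == "iso9660" || $3 == "udf" {
            n = split($4, opt, ",")
            has_nosuid = 0; has_nodev = 0
            for (i = 1; i <= n; i++) {
                if (opt[i] == "nosuid") has_nosuid = 1
                if (opt[i] == "nodev")  has_nodev = 1
            }
            missing = ""
            if (!has_nosuid) missing = "nosuid"
            if (!has_nodev)  missing = (missing == "" ? "nodev" : missing ",nodev")
            if (missing != "") print $2 " missing:" missing
        }
    '
}

# Constructed sample mount table (not taken from a real system).
sample_mounts() {
    cat <<'EOF'
/dev/hda1 / ext3 rw 0 0
/dev/hdc /media/cdrom0 iso9660 ro,nosuid,nodev 0 0
/dev/hdd /media/cdrom1 iso9660 ro 0 0
/dev/hdc /mnt/dvd udf ro,nosuid 0 0
EOF
}

# On a live Linux system, run instead: audit_optical_mounts < /proc/mounts
sample_mounts | audit_optical_mounts
```

An empty result means every mounted optical filesystem carries both options.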

