Dale <[EMAIL PROTECTED]> wrote:
> > In Autumn 2004 this bug was not fixed but the SCSI Linux kernel interface
> > was changed in an incompatible way. Now _some_ SCSI commands work as
> > non-root.
> >
> > SCSI is a try and error protocol and cdrecord checks which commands are
> > working.
> > If it is possible to burn with the limuted non-root command set, it _may_
> > work
> > but there is a high risk for buffer underruns. In this case cdrecord
> > believes
> > that you own a really dumb burner that does not support most of the nice
> > features....
> >
> > Jörg
> So that I have a better understanding of this, if he is not a member of
> the cd/cdrw group then the command would still work as a user?
Since the original security bug hass not been fxed, you are able so send
a limit set of SCSI commands if you are able to open the device read-only.
Libscg opens the devices read/write, so the only effect of such a grup
membership is that cdrecord is able to open the device.
Jörg
--
EMail:[EMAIL PROTECTED] (home) Jörg Schilling D-13353 Berlin
[EMAIL PROTECTED] (uni)
[EMAIL PROTECTED] (work) Blog: http://schily.blogspot.com/
URL: http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily
