Dale <[EMAIL PROTECTED]> wrote:
>
> Then what is the point of having a cd/cdrw group? It doesn't seem to
> have "secured" much of anything by having it.
>
> Dale aka confused. It's ok. It's normal for me.
>
Well, I did never propose to go this way. The group you are talkign about
is an "invention" of some people who did not understand the background.
As a result, some of them even tried to modify the cdrecord source code
and finally ended up with something that has more problems than the original
software.
At cdrecord level, the effects are not as bad as they are at different places.
The security bug in Linux in 2004 was "used" by some GUIs and the result is that
the authors included direct SCSI code into the GUI code. This resultet in
non-portable code because no other OS allows to send SCSI commands without
special privileges.
Simple conclusion: just follow the documentation in the man pages ;-)
Install cdrecord suid root on Linux.
Jörg
--
EMail:[EMAIL PROTECTED] (home) Jörg Schilling D-13353 Berlin
[EMAIL PROTECTED] (uni)
[EMAIL PROTECTED] (work) Blog: http://schily.blogspot.com/
URL: http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily
