On 3/11/07, Jonatan Liljedahl <[EMAIL PROTECTED]> wrote: > Is it better to setgid cdrdao to 'cdrecord' group, OR to put users in > this group? (installer could default to that, or one would need to add > them manually...) > The bad thing with setgid'ing cdrdao and other CDR tools would be that > anyone would have the access to mess with the cd burner...
It would make sense to do both, actually. The default permissions for hdc and hdd-type devices can be 0664 by default. For convenience, the default user should probably be added to the appropriate group(s) (cdrecord/console) during the LiveCD installation. In addition, the CDRDAO or Cdrecord recipes could check the permissions to see if both hdc and hdd are world-writable, and if not, Ask_Option "Do you want to allow all users to burn CDs with CDRDAO? y/N" and setgid the executable if the user answers "yes." (If the answer is no, perhaps echo "Add a user to the 'cdrecord' group to allow cd burning" to let people know what the alternative is.) This lets users easily choose between the security models without having to look into the problem on their own. -Andy _______________________________________________ gobolinux-devel mailing list gobolinux-devel@lists.gobolinux.org http://lists.gobolinux.org/mailman/listinfo/gobolinux-devel
