>The fact that this exist is the first security issue. > >BTW: I did also file a bug but I cannot find it..... > >Sun is applying this patch to cdrecord: > >http://src.opensolaris.org/source/xref/sfw/usr/src/cmd/cdrtools/cdrecord.c.patch > >and this allows _any_ user to write _any_ local file to CD or DVD and to read >it back later. > >This is a real security problem that has been introduced by Sun while trying >to hide the effects from the insane privilages treatment on Indiana.
Yeah, that's clearly broken. Who wrote and who reviewed the fix? Casper _______________________________________________ opensolaris-discuss mailing list opensolaris-discuss@opensolaris.org
