Re: sudo and growisofs
Hi, On Tue, Jul 11, 2006 at 12:03:09PM +0200, Andy Polyakov wrote: [...] sudo growisofs ... /etc/shadow env MKISOFS=/tmp/evil.script sudo growisofs ... is enough reason for vast majority of users. A. How about I create a non superuser burn that is allowed to burn through permissions on the block device and then use: sudo burn cdrecord ... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: sudo and growisofs
sudo growisofs ... /etc/shadow env MKISOFS=/tmp/evil.script sudo growisofs ... is enough reason for vast majority of users. A. How about I create a non superuser burn that is allowed to burn through permissions on the block device and then use: Well, who makes sure that input data readable for non-superuser burn? Is it acceptable that account in question can be used for virtually any purpose through env MKISOFS=/tmp/evil.script ...? I bet not, and then we just come back to the workaround suggested in man-page. And once again, if you disagree just compile with 'make WARN=-DI_KNOW_ALL_ABOUT_SUDO' and make your own rules. A. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]