Re: setuid cdrecord vs. wodim

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Michael Schwendt wrote:
On Fri, 23 May 2008 22:44:17 -0400, Bill Davidsen wrote:

Michael Schwendt wrote:
On Tue, 20 May 2008 17:33:24 +0200, Valent Turkovic wrote:

Hi,
this guide is the best guide for Fedora 9!

http://fedoraguide.info/index.php/Main_Page
http://digg.com/linux_unix/Best_guide_for_Fedora_9_ever

How to setup MP3 and Video codecs, ATI and Nvidia drivers,
CompizFusion, etc... you need it they got it :)

Probably most of your question about Fedora 9 are answered there and
the solutions are simple.
Whoever added the setuid cdrecord stuff for k3b, please delete that
or at least give the rationale for making the tools +s. k3b's warning
can't be the only reason.

Just a clarification, I cdrecord is not installed on FC9 at all, rather there is a program called "wodim" which is linked to cdrecord. Wodim is a modified version of an old version of cdrecord, not the current program from the original author.

By any name the kernel filters commands send to the burner which prevents certain commands from being sent unless you are root, particularly commands specific to a particular vendor.

So, in other words, Fedora does not work out of the box with such
hardware?

This is an important question, because one argument against Linux
is the number of things to fiddle with [at the command-line] before
a setup becomes usable. (Lots of howtos suggest changing ownership and
permissions of device files, for example.)

If setuid here is a requirement, why is it disabled in the Fedora
package? If memory serves correctly, the cdrecord code drops
privileges after setting up stuff. Is setuid needed or not?

I believe the correct answer is "sometimes" and see below why.

The wodim man page says:

    Root  permissions  are usualy required to get higher process scheduling
    priority.

That was claimed as unnecessary a couple of times before.

I regard it as unnecessary on a typical system, required on a system with high load. Use of a larger than default fifo and burnfree has been enough to handle scheduling issues for me, even on a humble Celeron with high load.

    In order to be able to use the SCSI transport subsystem of the OS,  run
    at  highest priority and lock itself into core wodim either needs to be
    run as root, needs to be installed suid root  or  must  be  called  via
    RBACs pfexec mechanism.

Without a lot of checking of source code, I can only say that either wodim is not using all of the commands used by cdrecord OR the kernel has been modified to accept the command which the Linus kernel blocks. I don't know the answer. The priority and locking in core don't seem to be needed for typical CPU and memory loads.

However, (a) wodim is based on a older version of cdrecord, and (b) cdrecord has had some critical updates for D/L DVD and for BlueRay media in the last month or so. I would expect the original tree of cdrecord to require setuid and to work better with some hardware. Wodim works with almost all CD and single layer DVD applications.

I also use growisofs (better user interface to multi-session), and cdrskin (another OK license).


--
Bill Davidsen <davidsen@xxxxxxx>
  "We have more to fear from the bungling of the incompetent than from
the machinations of the wicked."  - from Slashdot

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux