On Tue, 22-05-2007 at 22:45 +0200, Krzysztof Halasa wrote:
> Suid and especially root suid is a sensitive thing, you don't chmod
> random files suid root and you don't let random users' random programs
> talk directly to the hardware (which is exactly what cdrecord does).

First of all, cdrecord manages to write to many burners without root privileges, which means that I do allow it to talk directly to hardware, only there are some SCSI commands that are considered unsafe. That's why they require uid 0. My burner requires usage of such commands to actually burn CDs, so I pick one (non-random!) program that I know doesn't screw up my hard drives and give it the privileges. That's nothing unusual.

Now, there was a bug in cdrecord that allowed any script kiddie to run any command with root privileges, I know. But on my home PC I don't even care if it's still there (it isn't, I assure you) and on my servers I don't even have cdrecord installed (not to mention good practice of find / -perm -4000).

Besides, nowadays, we have SELinux, remember? It's the tricky thing that makes your exploit useless if cdrecord isn't allowed to exec() things. So it can be done safely if we make it that way and SUID is really needed for some burners (at least for now). I'm not only not afraid, but eagerly waiting for it.

Lam
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
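The find / -perm -4000 sweep mentioned in the message, turned into an allowlist comparison so that only setuid files nobody approved are reported. This is an added example, not part of the original e-mail; the function name audit_suid and the allowlist file format (one absolute path per line, # for comments) are assumptions.

```shell
#!/bin/sh
# Added example: report setuid files that are not on an approved list.
#
# audit_suid ROOT ALLOWLIST
#   ROOT       directory to scan (use / for a whole-system sweep)
#   ALLOWLIST  text file, one absolute path per line; lines starting
#              with # are comments (format is an assumption of this example)
# Prints one "UNEXPECTED setuid: <path>" line per finding.
# Returns 0 if every setuid file is allowlisted, 1 if any is not,
# 2 if the scan could not be set up.
# Limitation: paths containing newlines are not handled.
audit_suid() {
    root=$1
    allow=$2
    rc=0

    [ -d "$root" ] && [ -r "$allow" ] || return 2
    found=$(mktemp) || return 2

    # -xdev      stay on the starting filesystem (skips /proc, NFS, etc.)
    # -type f    regular files only
    # -perm -4000  setuid bit set, whatever the other mode bits are
    # For a root-only sweep on a real system, add: -user root
    find "$root" -xdev -type f -perm -4000 -print 2>/dev/null | sort > "$found"

    while IFS= read -r path; do
        # -F fixed string, -x whole-line match, -q quiet: exact path match only,
        # so /usr/bin/cdrecord does not also approve /usr/bin/cdrecord.bak
        if ! grep -v '^[[:space:]]*#' "$allow" | grep -Fxq -- "$path"; then
            printf 'UNEXPECTED setuid: %s\n' "$path"
            rc=1
        fi
    done < "$found"

    rm -f "$found"
    return $rc
}
```

Run it from cron as root against / and alert on a non-zero exit; a newly appearing setuid file then shows up as a diff against the list rather than as one more line in a long find listing.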