Thomas Maguin <T.Maguin@xxxxxx> writes: > On Thursday 12 January 2006 13:32, you wrote: >> Consider using "sudo". > > and when I want to use k3b? Should I sudo k3b? This could possibly result in a > big security problem. No, you could write a wrapper script that looks like #! /bin/sh exec /usr/bin/sudo /path/to/cdrecord "$@" and point k3b to use that. If it's a single-user desktop machine, /removing/ the setuid bit from cdrecord might actually work, but runs counter to Jörg's recommendations. No memory locking, no real-time priority will work, so it stands a much higher chance of buffer underruns which are detrimental to writing quality even in the light of burnproof, justlink and similar. So in this case, the user needs to make absolutely sure the box is absolutely idle. Better shut off the network so no messages come in and run through the spam filter, don't browse, and at nighttime, shut down cron, too. I recall someone offering cdrecord patches to overcome part of this problem, to the extent of it dropping its permissions too early, apparently they haven't made 2.01.01a04 yet, if they are correct at all. -- Matthias Andree - : send the line "unsubscribe linux-scsi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
