Note: Due to technical difficulties, the Archives are currently not up to date.
GMANE provides an alternative service for most mailing lists. c.f. bug 424647
On Sat, 28 Jan 2012 03:07:45 +0200
Samuli Suominen <ssuominen@g.o> wrote:
> On 01/28/2012 02:41 AM, Mike Frysinger wrote:
> > On Friday 27 January 2012 19:18:07 Samuli Suominen wrote:
> >> On 01/28/2012 02:14 AM, Mike Frysinger wrote:
> >>> along these lines, why is cdrtools set*id ? if we have a "cdrom"
> >>> group, and we assign our cdroms/dvdroms to that group, then we
> >>> already have access control in place and can skip the set*id.
> >>
> >> cdrtools can't probe the drives without the binary being setuid,
> >> or the user belonging to the 'disk' group (and even that is not
> >> enough in some cases if the permissions vary)
> >
> > the drives are owned by the "cdrom" group and have group +rw. so
> > if the user is in the "cdrom" group, why can't they probe the
> > drives ?
> >
> > "disk" owns the non-removable hard drives.
> >
> > $ ls -l /dev/sr0 /dev/sg0 /dev/sg6
> > crw-rw---- 1 root disk 21, 0 Jan 6 23:07 /dev/sg0
> > crw-rw---- 1 root cdrom 21, 6 Jan 6 23:07 /dev/sg6
> > brw-rw---- 1 root cdrom 11, 0 Jan 17 22:28 /dev/sr0
> > -mike
>
> i dont know why, but it does probe also non-removable disks... it
> probes per bus, iirc
>
> you can try it easily yourself:
>
> ssuominen@null ~ $ cdrecord -scanbus
Does user actually need to be able to do this? Doesn't passing dev=...
directly work?
--
Best regards,
Michał Górny
|
|
