Gentoo Archives: gentoo-dev

From:	Samuli Suominen <ssuominen@g.o>
To:	gentoo-dev@l.g.o
Subject:	*Re: [gentoo-dev] useless setid binaries**
Date:	Sat, 28 Jan 2012 07:23:21
Message-Id:	`4F23A19C.2030302@gentoo.org`
In Reply to:	Re: [gentoo-dev] useless set*id binaries by Ulrich Mueller

1	On 01/28/2012 08:28 AM, Ulrich Mueller wrote:
2	>>>>>> On Sat, 28 Jan 2012, Samuli Suominen wrote:
3	>
4	>> i've improved the situation _a bit_:
5	>
6	>> +*cdrtools-3.01_alpha06-r1 (28 Jan 2012)
7	>> +
8	>> + 28 Jan 2012; Samuli Suominen<ssuominen@g.o>
9	>> + +cdrtools-3.01_alpha06-r1.ebuild:
10	>> + Change cdda2wav, cdrecord, readcd and rscsi from suid root to sgid
11	>> disk for
12	>> + udev users (note: tested with cdrecord -scanbus)
13	>
14	> This is definitely not an improvement and should be reverted. The suid
15	> root is also needed to elevate cdrecord's scheduling priority.
16
17	Missed that piece of code and reverted then. Any chance you could be
18	more specific?
19
20	> if has_version sys-fs/udev; then
21	> fowners root:disk /usr/bin/{cdda2wav,cdrecord,readcd} /usr/sbin/rscsi
22	> fperms u-s,g+s /usr/bin/{cdda2wav,cdrecord,readcd} /usr/sbin/rscsi
23	> fi
24	>
25	> Automagic dependency on udev in src_install? Oh my.
26
27	I don't consider this as a automagic to be worried about at all.
28	Was bouncing back and forth with 'use kernel_linux' or 'has_version
29	sys-fs/udev', since wasn't sure how other devmanagers have permissions
30	set. But I guess this is now irrelevant since it's reverted.

Subject	Author
Re: [gentoo-dev] useless set*id binaries	Ulrich Mueller <ulm@g.o>