1 |
Dale <rdalek1967@×××××.com> wrote: |
2 |
|
3 |
> |
4 |
> Then what is the point of having a cd/cdrw group? It doesn't seem to |
5 |
> have "secured" much of anything by having it. |
6 |
> |
7 |
> Dale aka confused. It's ok. It's normal for me. |
8 |
> |
9 |
|
10 |
Well, I did never propose to go this way. The group you are talkign about |
11 |
is an "invention" of some people who did not understand the background. |
12 |
As a result, some of them even tried to modify the cdrecord source code |
13 |
and finally ended up with something that has more problems than the original |
14 |
software. |
15 |
|
16 |
At cdrecord level, the effects are not as bad as they are at different places. |
17 |
The security bug in Linux in 2004 was "used" by some GUIs and the result is that |
18 |
the authors included direct SCSI code into the GUI code. This resultet in |
19 |
non-portable code because no other OS allows to send SCSI commands without |
20 |
special privileges. |
21 |
|
22 |
Simple conclusion: just follow the documentation in the man pages ;-) |
23 |
Install cdrecord suid root on Linux. |
24 |
|
25 |
Jörg |
26 |
|
27 |
-- |
28 |
EMail:joerg@××××××××××××××××××××××××.de (home) Jörg Schilling D-13353 Berlin |
29 |
js@××××××××××××.de (uni) |
30 |
schilling@××××××××××××××××.de (work) Blog: http://schily.blogspot.com/ |
31 |
URL: http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily |