Announcement re suid'd cdrecord
Neal D. Becker
ndbecker2 at verizon.net
Fri Sep 10 14:06:58 UTC 2004
David L Norris wrote:
> On Fri, 2004-09-10 at 10:38 +0100, Paul Howarth wrote:
>> > There was an announcement yesterday about updating cdrecord if it has
>> > been manually suid'd. The link didn't give me any further information
>> > but does that mean if it's not been suid'd then do not update it?
>
> If it is on your system then it would be wise to update.
>
>> This is a wild guess having not looked at the code, but I suspect that
>> the updated cdrecord will refuse to run if it has been installed setuid
>> root because, as the update announcement noted, that would be a very
>> stupid thing to do.
>
> There's a CVE number attached to the announcement. That means there is
> some sort of security problem. (And the announcement subject states
> SECURITY.) Anyone who sets the vulnerable version of cdrecord suid root
> could allow a malicious user to gain root privileges.
>
> Many programs that have security flaws and are suid root can be used to
> compromise the security of the entire system. Thinking toward future
> security flaws one can conclude that it is unwise to allow everyone to run
> anything with unrestricted root privileges. The only programs which
> deserve to be suid root are simple programs (such as console-helper)
> which hopefully have had thorough security reviews.
>
> Also, ponder this: cdrecord will allow the user to write data to files,
> disks, etc. If cdrecord is suid root then any malicious (or stupid)
> user could easily destroy system files or entire storage devices. Any
> program that has the ability to write to files should never be suid
> root.
>
And given that recent Linux kernels disallow CD writing except as root, what
do you propose?