Lastest Kernel update breaks k3b
Arjan van de Ven
arjanv at redhat.com
Fri Aug 20 17:04:52 UTC 2004
On Fri, 2004-08-20 at 18:57, Jeremy Katz wrote:
> On Fri, 2004-08-20 at 12:47 -0400, Sean Middleditch wrote:
> > k3b uses the cdrecord command line tool to do its work, iirc. You don't
> > need to run k3b as root, just make cdrecord setuid. Which is exactly
> > how the cdrecord author has always told people to use it. If you want
> > to limit who can use cdrecord, change it's group and remove execute
> > permissions for 'others'. Then only people in the group (or root) can
> > execute cdrecord, and because its setuid root, it'll always work.
>
> ...
>
> which is a bad idea as I can now burn anything on the filesystem. Want
> a copy of /etc/shadow to start cracking those passwords? Now you can
> get one :)
cdrecord drops all it's capabilities except the raw hw one...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20040820/cfd4a2df/attachment.sig>
More information about the fedora-devel-list
mailing list