[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: SUID to cdrecord and cdrdao



> >
> > It's completely unneccessary on typical modern computer systems. Ignore the
> > warnings they really only apply on ancient slow systems. (486 etc)
> >
> > Alan
> >   
> Imagine that someone starts kernel compilation "make -j 100" and someone 
> else starts "cp -r / /back" :) . Not so typical situation but cd burning 
> with suid could end fine more probably :)
> 

I'm skeptical that this is a good enough reason to potentially open up a
number of security holes.  What you speak of is not typical use.  If it's a
problem that only a few people have, add a release note about it.  They can
weigh the risk vs benefit of such behavior.

The fewer SUID applications we ship, the better.  Everything has security
bugs, eventually someone will find them.

-- 
    JB


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]