
Re: SUID to cdrecord and cdrdao



On 22-05-2007, Tue at 22:45 +0200, Krzysztof Halasa
wrote:
> Suid and especially root suid is a sensitive thing, you don't chmod
> random files suid root and you don't let random users' random programs
> talk directly to the hardware (which is exactly what cdrecord does).
First of all, cdrecord manages to write to many burners without root
privileges, which means that I do allow it to talk directly to hardware,
only there are some SCSI commands that are considered unsafe. That's why
they require uid 0. My burner requires usage of such commands to
actually burn CDs, so I pick one (non-random!) program that I know
doesn't screw up my hard drives and give it the privileges. That's
nothing unusual.

Now, there was a bug in cdrecord that allowed any script kiddie to run
any command with root privileges, I know. But on my home PC I don't even
care if it's still there (it isn't, I assure you) and on my servers I
don't even have cdrecord installed (not to mention the good practice of
find / -perm -4000).

Besides, nowadays, we have SELinux, remember? It's the tricky thing that
makes your exploit useless if cdrecord isn't allowed to exec() things.

So it can be done safely if we make it that way, and SUID is really needed
for some burners (at least for now). I'm not only not afraid, but
eagerly waiting for it.

Lam

Attachment: signature.asc
Description: This is a digitally signed part of the message
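
The find / -perm -4000 sweep mentioned in the message, extended to compare the result against a list of setuid programs the administrator has deliberately chosen. This is an added example, not part of the original message; the function name suid_audit and the allowlist format (one absolute path per line) are assumptions.

```shell
#!/bin/sh
# Added example: report setuid files that are not on an allowlist.
# suid_audit and the allowlist file format are assumptions for illustration.

# suid_audit ROOT ALLOWLIST
#   ROOT       directory tree to scan (use / for the whole system)
#   ALLOWLIST  file with one approved absolute path per line
# Prints each setuid regular file under ROOT that is not in ALLOWLIST.
# Returns 0 if every setuid file is approved, 1 otherwise.
suid_audit() {
    root=$1
    allow=$2

    # -xdev      do not cross into other mounted filesystems
    # -type f    regular files only
    # -perm -4000  setuid bit set (any owner)
    found=$(find "$root" -xdev -type f -perm -4000 2>/dev/null | sort)
    if [ -z "$found" ]; then
        return 0
    fi

    # Keep only paths that do not exactly match an allowlist line.
    # -F fixed strings, -x whole-line match, -v invert.
    # grep exits 1 when nothing is left, which is the good case here.
    unexpected=$(printf '%s\n' "$found" | grep -vxF -f "$allow" || true)
    if [ -z "$unexpected" ]; then
        return 0
    fi

    printf '%s\n' "$unexpected"
    return 1
}

# Stand-alone use: sh suid_audit.sh / /etc/suid.allow
if [ "$#" -ge 2 ]; then
    suid_audit "$1" "$2"
fi
```

Paths are compared as exact strings, so the allowlist must use the same absolute paths that find prints for the given ROOT.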

