
List:       kde-core-devel
Subject:    Re: security vs. usability
From:       Marcus Meissner <Marcus.Meissner () caldera ! de>
Date:       2001-02-06 10:17:07

In article <01020521330802.00671@casanova> you wrote:
> All I'm going to add to this conversation is the following:

> Before you ban all suid applications in the KDE libs, know that there is one 
> application that absolutely must run set uid root or in a root shell. The app 
> in question is nostraburnit. Nostraburnit calls cdrecord which *must* run as 
> root in order to do what it does with the SCSI bus. If I'm not mistaken, it 
> even has to be run with the user being root, and not just as a suid.

It must not be run as root or setuid root.

You can create a small helper root daemon, which listens on a UNIX domain
socket and passes a file descriptor pointing to /dev/sgX on request.

No need for setuid and you also get access checks to those devices
and can restrict access to CD Burners (or Scanners).

[It is on our plan to write such a helper but due to time constraints we
 haven't yet.]

Ciao, Marcus
