[CentOS] cdrecord Error (Permissions?)
Bryan J. Smith
thebs413 at earthlink.net
Mon Nov 28 16:24:24 UTC 2005
On Mon, 2005-11-28 at 09:27 -0600, Barry Brimer wrote:
> There is a statement about burning CDs as a non-root user under 2.6.8+ kernels
> at the main page for cdrecord
> <http://cdrecord.berlios.de/old/private/cdrecord.html>
> The summary version is: Burn CDs as root.
FYI, that bug _never_ affected any Red Hat distro IIRC. It _only_
affects distros that suid on cdrecord. Red Hat removed suid on cdrecord
as of Fedora Core 1 (along with countless other "security sanity checks"
done in the move from RHL9 -> FC1), so _all_ releases with kernel 2.6
(FC2+, RHEL4+) don't have the issue. The overwhelming major of other
distros did, and it was really a "Fedora moment" IMHO (especially when
people were still bashing Red Hat and Fedora).
You actually do _not_ need suid on cdrecord. It's a common misnomer.
Most distros set suid for A) so they don't have to set permissions
proper on the CD record device and B) they get priority and increased
memory access. Kernel 2.6.8.x+ now makes "B" impossible, as the kernel
differentiates between access by a suid program and a program actually
running as root. Jorg calls it a "bug," but it's Jorg's program that is
crapping out when it isn't granted access it expects.
I _never_ run cdrecord as root on the console, I just use the console
user which has the correct permissions to do such. Red Hat does it
proper (starting with FC1, pre-kernel 2.6, so FC2+ had no issue). The
overwhelming majority of distros did not when kernel 2.6.8.x+ came out.
--
Bryan J. Smith mailto:b.j.smith at ieee.org
http://thebs413.blogspot.com
------------------------------------------
Some things (or athletes) money can't buy.
For everything else there's "ManningCard."
More information about the CentOS
mailing list