Re: cdrecord permission problems

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> The reason setuid is needed is to allow use of vendor commands, and the 
> command filter in the kernel doesn't allow some as non-root. Certain 
> people in the kernel community refuse to add these command, the author 

Actually thats untrue. We've added commands where it is safe to do so and
we've also repeatedly said to people who wanted to customise the command
list "send patches". Nobody has.

> The right answer would be to have the kernel provide a way such as group 
> id, so I could identify devices and programs I trust with each other. 

That doesn't work. If you give a process access to a CD it can change the
firmware which means next reboot it controls the system. Thus the only
logical thing you can give it is pretty much "all powers"

Alan

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux