On Tue, Jan 18, 2005 at 05:41:07PM -0200, Juliano Ravasi Ferraz wrote: > Nifty Hat Mitch wrote: > > For the short term try running it with sudo and not setting it SUID. > > Sudo gives you some control over who can run it. SUID opens it wide. > > Dunno... A well written suid application is much more secure than the > same application with sudo. True, but in this case it was not designed to run SUID. sudo lets you specify specific accounts that you trust to run it. SUID lets anyone run it. > > It is possible (under properties for the icon) in many cases to add > > sudo to the command for the point and click iconic folks out there. > > Icon? There is no icon for cdrecord... cdrecord is backend... If you > mean K3b or whatever, it is not a good idea to run it sudo for the same > reason above, and K3b itself only knows about `cdrecord´... not `sudo > cdrecord´. I would have at least to write an intermediate script. Like I said sudo is sometimes better than SUID. I did the sudo thing X-cdroast iconic launcher to limit my pain when low level hardware access was locked out in the kernel for all but root. The critical decision for me was one and only one change to make now and undo later and not a system wide change for all user accounts. -- T o m M i t c h e l l spam unwanted email. SPAM, good eats, and a trademark of Hormel Foods.
