Bugtraq mailing list archives

Re: cdrdao insecure filehandling


From: "Pavel Kankovsky" <peak () argo troja mff cuni cz>
Date: Sun, 20 Jan 2002 01:03:31 +0100 (MET)

On Wed, 16 Jan 2002, martin f krafft wrote:

> but then you have to be root to burn CDs. there is a reason why cdrdao
> is setuid - it needs access to root-owned device files like /dev/scd0
> and /dev/sg0 (on Linux that is).
>
> i believe the right solution is to create a new group just for that, and
> chgrp these device files to that group. then cdrdao works non-setuid,
> and you have user-level control over who should be able to use the
> burner, and who shouldn't.

AFAIK, Linux /dev/sgX makes it possible to send virtually any SCSI
command to the device without any serious sanity checking done by
the kernel. After all, G stands for generic. It is not a good idea to
give such a power directly into the hands of users.

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."


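An added example, not part of the original post or of cdrdao: a shell audit of the two setups discussed in this message, flagging a setuid cdrdao and reporting which accounts can reach the /dev/sg nodes. The `burner` group and the sample listing are constructed, and treating any read or write bit as access is an assumption of the example.

```shell
# Added example. Input lines are "MODE OWNER GROUP PATH", as printed by GNU stat:
#   stat -c '%a %U %G %n' /dev/sg* /dev/scd* "$(command -v cdrdao)"
# Assumption: any read or write bit on a device node counts as access.

# digit MODE POS -> octal digit at POS (0 = other, 1 = group, 3 = setuid/setgid/sticky)
digit() {
    m=${1#"${1%%[!0]*}"}      # drop leading zeros so $(( )) does not parse octal
    d=1; i=0
    while [ "$i" -lt "$2" ]; do d=$((d * 10)); i=$((i + 1)); done
    echo $(( (${m:-0} / d) % 10 ))
}

# audit_line MODE OWNER GROUP PATH -> prints one finding
audit_line() {
    mode=$1; owner=$2; group=$3; path=$4
    case $path in
        /dev/sg[0-9]*) sev=WARN; what="send arbitrary SCSI commands via $path" ;;
        /dev/*)        sev=INFO; what="access $path" ;;
        *)  # anything outside /dev is treated as a program such as cdrdao
            if [ $(( $(digit "$mode" 3) & 4 )) -ne 0 ]; then
                echo "WARN $path is setuid $owner"
            else
                echo "OK $path is not setuid"
            fi
            return ;;
    esac
    if [ $(( $(digit "$mode" 0) & 6 )) -ne 0 ]; then
        echo "WARN any local user can $what"
    elif [ $(( $(digit "$mode" 1) & 6 )) -ne 0 ] && [ "$group" != root ]; then
        echo "$sev members of group $group can $what"
    elif [ "$owner" != root ]; then
        echo "$sev user $owner can $what"
    else
        echo "OK only root can $what"
    fi
}

audit() { while read -r mode owner group path; do audit_line "$mode" "$owner" "$group" "$path"; done; }

# Constructed sample: setuid-root cdrdao next to nodes given to a hypothetical "burner" group.
audit <<'EOF'
4755 root root /usr/bin/cdrdao
660 root burner /dev/sg0
660 root burner /dev/scd0
600 root root /dev/sg1
666 root root /dev/sg2
EOF
```

On a live system, pipe the `stat` command from the header comment into `audit` instead of the sample listing.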