Bugtraq mailing list archives
Re: cdrecord local root exploit
From: Marcus Meissner <meissner () suse de>
Date: Wed, 15 Sep 2004 13:15:45 +0200
On Tue, Sep 14, 2004 at 01:51:51PM +1200, Volker Kuhlmann wrote:
echo "cdr-exp.sh -- CDRecord local exploit ( Tested on cdrecord-2.01-0.a27.2mdk + Mandrake10)"I don't see how this is a bug in cdrecord. It's a bug in Mandrake, caused by shipping cdrecord setuid root. You could do the same thing with CVS (set CVS_RSH to /tmp/s) if your distribution was dumb enough to ship cvs setuid root, I would think, yet that wouldn't be a bug in CVS.The author of cdrecord obstinately argues that cdrecord must be installed suid root, and is explicitly recommended. Especially SuSE, who does not install cdrecord suid root, has taken a lot of flak over this lately (investigate special SuSE copyright in versions 2.01a36 to 40 or so). It also seems that kernel 2.6.8 has changes included which make it impossible(?) not to run cdrecord suid root. Seems like a downhill to me but I'm not really qualified to comment.
This has been fixed later on at least.
In any case it would be inappropriate to call it a bug "in cdrecord" when only testing the Mdk version, esp given the amount of patching applied by Mdk. First test a vanilla cdrecord, then other distros.
SUSE is btw not affected, since we have (as previously discussed), patched cdrecord. ;) Ciao, Marcus
Attachment:
_bin
Description:
Current thread:
- cdrecord local root exploit newbug Tseng (Sep 10)
- Re: cdrecord local root exploit Sean Davis (Sep 13)
- Message not available
- Re: cdrecord local root exploit Sean Davis (Sep 13)
- Message not available
- Re: cdrecord local root exploit Volker Kuhlmann (Sep 14)
- Re: cdrecord local root exploit Marcus Meissner (Sep 16)
- Re: cdrecord local root exploit Coleman (Sep 16)
- Re: cdrecord local root exploit Jason T. Miller (Sep 16)
- Re: cdrecord local root exploit Dr Andrew C Aitchison (Sep 27)
- Re: cdrecord local root exploit Jason T. Miller (Sep 30)
- Re: cdrecord local root exploit Sean Davis (Sep 13)