Re: [SLE] K3b permissions under SuSE 9.1

From: Paul W. Abrahams (abrahams_at_acm.org)
Date: 12/12/04

  • Next message: Alfredo Cole: "[SLE] SuSE 9.2 and sendmail"
    To: suse-linux-e@suse.com
    Date: Sun, 12 Dec 2004 15:44:29 -0500
    
    

    On Sunday 12 December 2004 3:33 pm, Joe Morris (NTM) wrote:
    >
    > >I'm one of the many folks to encounter the problem of not being able to run
    > >the CD writing program K3B as a non-root user. <snip> Does anyone have a
    solution for 9.1?
    > >
    > >
    > Try setting cdrecord (I usually do it in /etc/permissions.local) suid
    > root (4710), owned root.cdburn, then create the group, adding yourself
    > to the group. I also did the same to cdrdao, mkisofs, cdda2wav. Then
    > it should work as non-root. Be aware that this will break it in a post
    > 2.6.8 kernel, which may have some backporting done in the kernel in
    > 9.1. If that is the case, they would need to be root.root 755.

    With the suid root, why would it also be necessary to change the group, I
    wonder? And turning that around, if I'm in the cdburn group, why would the
    suid root be necessary?

    Given the hazards of getting clobbered by a kernel update, why not do
    root.root 755 in the first place?

    Paul

    -- 
    Check the headers for your unsubscription address
    For additional commands send e-mail to suse-linux-e-help@suse.com
    Also check the archives at http://lists.suse.com
    Please read the FAQs: suse-linux-e-faq@suse.com
    

  • Next message: Alfredo Cole: "[SLE] SuSE 9.2 and sendmail"

    Relevant Pages

    • Re: Etch on USB-HD wont boot - race condition?
      ... notebook but the kernel cannot find the root filesystem. ... I had an initial problem that I think I got solved: On boot, ... Begin: Mounting root file system... ... SCSI device sda: 78140159 512-byte hdwr sectors ...
      (Debian-User)
    • Re: Flaws in recent Linux kernels
      ... Many distributions include other programs which may be ... suitable for exploiting the kernel vulnerability. ... possible to install third-party SUID root programs which may be used. ... A new revision of the Openwall Linux kernel patch, 2.2.19-ow3, is now ...
      (Bugtraq)
    • Re: [PATCH] System Wide Capability Bounding Set
      ... root, you can do anything you want to a machine. ... the threat model becomes how do we prevent one guest from attacking another? ... Which root filesystem do kernel helpers run in in such a setup? ... They need to be able to run arbitrary code in ring 0 of the VM. ...
      (Linux-Kernel)
    • Re: Beige PowerMac G3/266 trouble
      ... I downloaded the minimal "netinst" install CD image from ... The kernel initially seemed to load OK, and told me that it had found the ... At this point it threw up an error saying it couldn't open the root device ... request_module: runaway loop modprobe binfmt-0000 ...
      (comp.os.linux.powerpc)
    • Re: 2.6.9-rc2-mm1
      ... Fails to boot on my Altix. ... diff between 2.6.9-rc1-mm4 and 2.6.9-rc2 indicates some kind of PCI, ... Mounted root readonly. ... -doneshowconsole: Warning: the ioctl TIOCGDEV is not known by the kernel ...
      (Linux-Kernel)