Lastest Kernel update breaks k3b
Jeremy Katz
katzj at redhat.com
Fri Aug 20 16:57:08 UTC 2004
On Fri, 2004-08-20 at 12:47 -0400, Sean Middleditch wrote:
> k3b uses the cdrecord command line tool to do its work, iirc. You don't
> need to run k3b as root, just make cdrecord setuid. Which is exactly
> how the cdrecord author has always told people to use it. If you want
> to limit who can use cdrecord, change it's group and remove execute
> permissions for 'others'. Then only people in the group (or root) can
> execute cdrecord, and because its setuid root, it'll always work.
...
which is a bad idea as I can now burn anything on the filesystem. Want
a copy of /etc/shadow to start cracking those passwords? Now you can
get one :)
Jeremy
More information about the fedora-devel-list
mailing list