SUID to cdrecord and cdrdao
Manuel Arostegui Ramirez
manuel at todo-linux.com
Tue May 22 11:20:28 UTC 2007
On Tuesday 22 May 2007 13:11:00 Adam Tkac wrote:
> Hi all,
> I did some quick think about SUID bits to /usr/bin/cdrecord (wodim) and
> /usr/bin/cdrdao . I'm using k3b for burning and it always write warnings
> like cdrecord will be run with root privileges. What do you think about
> it? Could it cause some security issues or something bad?
> Regards, Adam
As long as a bug is not discovered which affect cdrao or cdrecord and could
allow a buffer overflow or similar, there's no reason to worry about, IMHO.
Even AIX systems have SUID active for those tools.
All the best.
Manuel Arostegui Ramirez.
Electronic Mail is not secure, may not be read every day, and should not
be used for urgent or sensitive issues.
More information about the fedora-devel-list