SUID to cdrecord and cdrdao
Josh Bressers
josh at bress.net
Tue May 22 15:06:39 UTC 2007
> >
> > It's completely unneccessary on typical modern computer systems. Ignore the
> > warnings they really only apply on ancient slow systems. (486 etc)
> >
> > Alan
> >
> Imagine that someone starts kernel compilation "make -j 100" and someone
> else starts "cp -r / /back" :) . Not so typical situation but cd burning
> with suid could end fine more probably :)
>
I'm skeptical that this is a good enough reason to potentially open up a
number of security holes. What you speak of is not typical use. If it's a
problem that only a few people have, add a release note about it. They can
weigh the risk vs benefit of such behavior.
The fewer SUID applications we ship, the better. Everything has security
bugs, eventually someone will find them.
--
JB
More information about the fedora-devel-list
mailing list