David E. Fox wrote:
On Tue, 8 Aug 2006 16:55:54 -0600
"Dwayne C. Litzenberger" <[EMAIL PROTECTED]> wrote:
Also be CAREFUL. On my system, /usr/bin/cdrecord is a SHELL SCRIPT, and
SUID-root shell scripts are a big security hole, IIRC. You probably want
to set the permissions on /usr/bin/cdrecord.mmap.
Good points. OTOH, I always thought that suid on shell scripts was
just unsupported (i.e., script is run without extra permissions by the
kernel). Also, this script (and /usr/bin/cdrecord is a script here as
well) it only chooses the proper cdrecord to run, based on the kernel
version (cdrecord.shm for kernels 2.0 & 2.2, and cdrecord.mmap for
others). So the effective permissions are on the cdrecord.mmap
executable.
I just checked, and on my system cdrecord is also a script functioning
just as you describe above. The permissions on cdrecord.mmap on my
system looks to be the same as the script:
[EMAIL PROTECTED]:~$ which cdrecord.mmap
/usr/bin/cdrecord.mmap
[EMAIL PROTECTED]:~$ ll `!!`
ll `which cdrecord.mmap `
-rwsr-xr-- 1 root cdrom 316K 2006-01-07 13:44 /usr/bin/cdrecord.mmap*
Thanks for the pointers.
Sincerely
Jose
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
