On Friday 27 January 2012 20:49:49 Samuli Suominen wrote: > and people have multiple times tried to convince the cdrtools author to > change this, but without success. > the author can be, well, ...
sure, i'm not expecting him to be anything resembling reasonable. but if we
can reduce set*id impact by default and that means carrying a custom patch, i
think that's OK.
i thought we used to have set*id USE flags, but maybe all the packages with it
have migrated away.
my proposal would be to add a patch to ignore EACCES just like it already does
for ENOENT. then add a setuid USE flag that'd give the behavior we have today
(disabled by default) for the binaries that do writing. the ones that only
read have no excuse for needing setuid. then if the user has built with USE=-
setuid, we elog a message like:
you've built with USE=-setuid. that means in order to access
your discs, you need to add yourself to the cdrom group.
if your burning does not go well, you can try adding the cdrom
group to limits.conf with rtprio/mlock access like so:
<snippets for people to copy & paste>
-mike
signature.asc
Description: This is a digitally signed message part.
