FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 05-26-2008, 03:26 PM
Bill Davidsen
 
Default setuid cdrecord vs. wodim

Michael Schwendt wrote:

On Fri, 23 May 2008 22:44:17 -0400, Bill Davidsen wrote:


Michael Schwendt wrote:

On Tue, 20 May 2008 17:33:24 +0200, Valent Turkovic wrote:


Hi,
this guide is the best guide for Fedora 9!

http://fedoraguide.info/index.php/Main_Page
http://digg.com/linux_unix/Best_guide_for_Fedora_9_ever

How to setup MP3 and Video codecs, ATI and Nvidia drivers,
CompizFusion, etc... you need it they got it

Probably most of your question about Fedora 9 are answered there and
the solutions are simple.

Whoever added the setuid cdrecord stuff for k3b, please delete that
or at least give the rationale for making the tools +s. k3b's warning
can't be the only reason.

Just a clarification, I cdrecord is not installed on FC9 at all, rather
there is a program called "wodim" which is linked to cdrecord. Wodim is
a modified version of an old version of cdrecord, not the current
program from the original author.


By any name the kernel filters commands send to the burner which
prevents certain commands from being sent unless you are root,
particularly commands specific to a particular vendor.


So, in other words, Fedora does not work out of the box with such
hardware?

This is an important question, because one argument against Linux
is the number of things to fiddle with [at the command-line] before
a setup becomes usable. (Lots of howtos suggest changing ownership and
permissions of device files, for example.)

If setuid here is a requirement, why is it disabled in the Fedora
package? If memory serves correctly, the cdrecord code drops
privileges after setting up stuff. Is setuid needed or not?


I believe the correct answer is "sometimes" and see below why.


The wodim man page says:

Root permissions are usualy required to get higher process scheduling
priority.

That was claimed as unnecessary a couple of times before.

I regard it as unnecessary on a typical system, required on a system
with high load. Use of a larger than default fifo and burnfree has been
enough to handle scheduling issues for me, even on a humble Celeron with
high load.



In order to be able to use the SCSI transport subsystem of the OS, run
at highest priority and lock itself into core wodim either needs to be
run as root, needs to be installed suid root or must be called via
RBACs pfexec mechanism.

Without a lot of checking of source code, I can only say that either
wodim is not using all of the commands used by cdrecord OR the kernel
has been modified to accept the command which the Linus kernel blocks. I
don't know the answer. The priority and locking in core don't seem to be
needed for typical CPU and memory loads.


However, (a) wodim is based on a older version of cdrecord, and (b)
cdrecord has had some critical updates for D/L DVD and for BlueRay media
in the last month or so. I would expect the original tree of cdrecord to
require setuid and to work better with some hardware. Wodim works with
almost all CD and single layer DVD applications.


I also use growisofs (better user interface to multi-session), and
cdrskin (another OK license).



--
Bill Davidsen <davidsen@tmr.com>
"We have more to fear from the bungling of the incompetent than from
the machinations of the wicked." - from Slashdot

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 

Thread Tools




All times are GMT. The time now is 08:28 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org