Hello, Here is a small patch to cdrecord version 2.01+01a03 which removes some extra SUID checks that are being made in libscg. This patch removes a (in the words of the upstream author) "hack to get around the lack of uid management".
With this patch applied cdrecord works without SUID and appears to write ISO images correctly on my system. Further tests would be required before one could incorporate it into an actual fix for these bugs... However, for the doubtful I offer the following note---with this patch the file scsi-linux-sg.c is almost identical to the same file in 2.01+01a01. Regards, Kapil. --
--- libscg/scsi-linux-sg.c.orig 2005-05-17 03:18:37.000000000 +0530
+++ libscg/scsi-linux-sg.c 2006-08-01 15:56:16.000000000 +0530
@@ -1227,7 +1227,7 @@
int ret;
sg_io_hdr_t sg_io;
struct timeval to;
-static uid_t cureuid = 0; /* XXX Hack until we have uid
management */
+/* static uid_t cureuid = 0; */ /* XXX Hack until we have
uid management */
if (scgp->fd < 0) {
sp->error = SCG_FATAL;
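Review bot: The `cureuid` declaration is commented out rather than deleted, and the same is done to the seteuid blocks in the second hunk and the old condition in the third. Disabled privilege-switching code left in place is easy to re-enable by accident, and the split `/* ... */ /* ... */` pairs in the second hunk are fragile to edit. Deleting the lines and leaving one comment such as `/* euid is no longer raised around SG_IO, see <bug reference> */` would record the decision more clearly. The enclosing function starts and ends outside the hunk.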
@@ -1260,18 +1260,23 @@
sg_io.timeout = sp->timeout*1000;
sg_io.flags |= SG_FLAG_DIRECT_IO;
+/*
if (cureuid != 0)
seteuid(0);
again:
errno = 0;
+*/
ret = ioctl(scgp->fd, SG_IO, &sg_io);
- if (ret < 0 && geterrno() == EPERM) { /* XXX Hack until we have uid
management */
+/*
+ if (ret < 0 && geterrno() == EPERM) { */ /* XXX Hack until we
have uid management */
+/*
cureuid = geteuid();
if (seteuid(0) >= 0)
goto again;
}
if (cureuid != 0)
seteuid(cureuid);
+*/
if (scgp->debug > 0) {
js_fprintf((FILE *)scgp->errfile,
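Review bot: The `errno = 0;` reset that used to run immediately before the ioctl is now inside the first commented-out block, so the call is made with whatever errno an earlier failure left behind. Only the `again:` label and the seteuid calls needed to go; keep the reset live as `errno = 0;` directly above `ret = ioctl(scgp->fd, SG_IO, &sg_io);`. Whether later code reads errno when ret is not negative is outside the hunk, so this may be harmless today, but the reset costs nothing and keeps the error path independent of earlier calls.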
@@ -1291,7 +1296,8 @@
scglocal(scgp)->isold = 1;
return (sg_rwsend(scgp));
}
- if (sp->ux_errno == ENXIO || sp->ux_errno == EPERM ||
+ if (sp->ux_errno == ENXIO ||
+/* if (sp->ux_errno == ENXIO || sp->ux_errno == EPERM || */
sp->ux_errno == EINVAL || sp->ux_errno == EACCES) {
return (-1);
}
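Review bot: Dropping `sp->ux_errno == EPERM` from this early return means a permission refusal from SG_IO no longer returns -1 here and instead falls through to code outside the hunk. Because the second hunk removes the seteuid(0) retry, EPERM becomes the expected result whenever an unprivileged user is refused, so it is the case that most needs a clean failure path. Unless the code that follows is known to handle it, keep the test as `if (sp->ux_errno == ENXIO || sp->ux_errno == EPERM ||`. The commented-out copy of the old condition sits between the `if (` line and its continuation and should be deleted either way.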

