On Fri, 4 Apr 2003 20:20, Paul Johnson wrote: > On Fri, Apr 04, 2003 at 04:42:17AM +1000, bob parker wrote: > > Using a setuid root program (sudo) to avoid having cdrecord or cdrdao set > > up as setuid root just does not any sense to me at all. > > Well, sudo can be used as a means of authentication to limit it to > just trusted users. But for CD burning, I don't see the point.
The point is that cdrdao requires root priveledge to run, period. So far as I can tell there is no difference in risk whether it gets root priveledge by being run with sudo, su root and run it, or being setuid root. To be sure you can can control access to the program using sudo, just as you can using group membership etc. Check the beginning of the thread to see how it got here. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]