Joerg Schilling schrieb am 29.04.2013 18:36: > Daniel Pielmeier <bil...@gentoo.org> wrote: > >> 2013/4/29 Joerg Schilling <joerg.schill...@fokus.fraunhofer.de> > >>> Do you like people to be able to open security holes? >> >> Adding an option to enable/disable linkage to libcap does not hurt anybody >> it just eases maintaining the package. You can enable it by default if you >> wish. >> >> As long as it is possible to remove libcap from the system the security >> hole you are talking about is still there. The option does not change >> anything. Currently one could still compile cdrtools without libcap and >> afterwards install libcap and use setcap on cdrecord et al. which leads to >> the same problem. > > OK, I could create such an option. > > I just don't like people to be able to do this without knowing that there is > a > potential security problem if the cdrecord binary has been assigned file caps > but cdrecord doesn't understand that it is running with enhanced privileges. > > So I hope that from this discussion people here will remember the problem in > case that somebody later runs into it. > > Jörg >
Thank you very much. I'd appreciate that. I think on Gentoo I can take the measures that such things do not happen. From the distro perspective everything should be okay. Cdrtools is either installed suid root without capabilities and not linked against libcap or it is installed with capabilities and linked against libcap. If users are messing with setcap they should know what they are doing or they are on their own. Thank you for your support. -- Regards Daniel Pielmeier
signature.asc
Description: OpenPGP digital signature