Brian Cameron <Brian.Cameron at sun.com> wrote:

> I submitted the separate case LSARC 2009/202 to highlight that
> similar changes are needed for totem, rhythmbox, and sound-juicer.
>
> The following questions were raised, and I think it makes more
> sense to resolve these issues in this LSARC 2009/201 case.
> If the Brasero case changes in any way, I think it makes sense
> for totem, rhythmbox, and sound-juicer to do things the same
> way.

The preferred way is to call cdrecord with the right options and to 
read the results to get the information that needs more privileges. 
Cdrecord is planned to deliver all the needed information.

> Issues raised were:
>
> - Danek Duvall suggested that we do not deliver a script
>    called /usr/bin/brasero and not move the binary
>    to /usr/bin/brasero.bin.  Instead of doing this, he suggests
>    that we instead maintain a patch so that programs re-exec
>    themselves under pfexec if they don't have sys_devices,
>    rather than cluttering up /usr/bin with scripts.
>
> This seems reasonable to me.  Lin?
>
> - Darren Moffat asked:
>
>    > Desktop CD User:solaris:cmd:::/usr/bin/brasero.bin:privs=sys_devices
>
>    How does this work on Linux kernel based systems ?  How do these
>    programs get access to the devices ?

Linux is inherently insecure. There was a bug in the Linux driver system
in 2004 that allowed all SCSI commands to be sent by any user to any device 
in case it could open a device read only.

At that time, some software started being based on that bug and Linus Torvalds
did not fix the bug (which would have the result to disable these programs) but 
rather changed the kernel interfaces in a way that correctly working programs 
like cdrecord did not work anymore.


>    Given what these programs do I suspect what is really wanted is
>    read and sometimes write access to the CD/DVD device nodes.
>
>    Running them with sys_devices to overcome that feels really wrong.
>    Particularly given that "Desktop CD User" is ultimately being added
>    to "Console User".
>
>    Can't we instead use logindevperm so that the CD/DVD devices are made
>    available with suitable unix permissions - just like we already do
>    for USB removable-media devices, generic usb devices, video devices
>    etc.
>
>    While there exists precedent for this hack I really don't like it
>    and having it proliferated further isn't a good idea.

How about changing brasero to call cdrecord to get the information?

Jörg

-- 
 EMail:joerg at schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin
       js at cs.tu-berlin.de                (uni)  
       joerg.schilling at fokus.fraunhofer.de (work) Blog: 
http://schily.blogspot.com/
 URL:  http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily
