Group :: Archiving/CD Burning
RPM: cdrkit
Patch: cdrkit-1.1.9-owl-doc.patch
--- cdrkit/doc/READMEs/README.ATAPI.setup
+++ cdrkit/doc/READMEs/README.ATAPI.setup
@@ -29,7 +29,7 @@ cdrom group ("adduser user cdrom") and let the user completely logout and
re-login.
Note: with certain kernel versions wodim can fail with this message:
"wodim: Operation not permitted. Cannot send SCSI cmd via ioctl"
-In this case it still does need the suid bit - please send patches if you have
+In this case it still does need the SUID bit - please send patches if you have
identified the reason of that problem.
Kernel 2.4.* (for 2.5/2.6, see above)
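Review bot: the changed line "In this case it still does need the SUID bit" gets only a capitalisation fix here, while every other SUID mention touched by this patch gains a risk caveat or a pointer to README.suidroot. For consistency, add the same pointer to this note, since it is the place where a reader hitting the "Operation not permitted" error is told to set the bit.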
@@ -81,7 +81,8 @@ Where we start:
(read wodim(1), "man 1 wodim", for details)
10. If you wish to allow non-root users to write CDs, you must give them
- permissions to do so. Set suid-root permissions on the executable,
+ permissions to do so. Set SUID root permissions on the executable,
then add your users to the cdrom group ("adduser user cdrom") and
- let the user completely logout and re-login.
+ let the user completely logout and re-login. Be sure to refer to
+ README.suidroot to get informed of the security risk.
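Review bot: step 10 still tells the reader to set SUID root on the executable first and mentions the risk only in a trailing sentence, and it uses the "cdrom" group whereas README.suidroot in this same patch restricts execution to a separate "cdburners" group with mode 4710. Suggest pointing to README.suidroot before the instruction and stating which group model is meant, so the two documents do not give different recipes. The wording "to get informed of the security risk" would also read better as "for the security implications".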
--- cdrkit/doc/READMEs/README.suidroot
+++ cdrkit/doc/READMEs/README.suidroot
@@ -1,29 +1,38 @@
-This is an example of how to install wodim and other cdrkit applications to get
-the root permissions in a safer way.
+This is an example of how to install wodim and some other cdrkit applications
+(only those that specifically support this mode of installation!) to get the
+root permissions in a safer way (compared to use of su, sudo, or the like).
-Usually it is not a good idea to run the applications as root or to
-give users the means to run wodim as root. This gives them an easy way
+Usually it is not a good idea to give users (including your very own non-root
+account) the means to run wodim as root. This gives them an easy way
to fetch sensitive data by writing it to the disk, or pass arbitrary
SCSI commands, e.g. formatting a SCSI disk.
This also applies to root-mode wrappers like sudo, they should be used with
the most possible care.
-The alternative way is installing wodim as suid-root application. In this
+The alternative way is installing wodim as SUID root application. In this
mode, wodim checks permission of the device access by comparing the ownership
of the device node user/group attributes for the real UID/GID of the calling
user.
-To give all user access to use wodim, enter:
+To give all users access to use wodim (usually a bad idea!), enter:
- chown root /usr/local/bin/wodim
- chmod 4711 /usr/local/bin/wodim
+ chown root /usr/bin/wodim
+ chmod 4711 /usr/bin/wodim
-To give a restricted group of users access to wodim, add a group
-"cdburners" to your system and add the trusted users to this group.
+To give a restricted group of users access to wodim, at your own risk, add a
+group "cdburners" to your system and add the trusted users to this group.
Then enter:
- chown root:cdburners /usr/local/bin/wodim
- chmod 4710 /usr/local/bin/wodim
+ chown root:cdburners /usr/bin/wodim
+ chmod 4710 /usr/bin/wodim
+
+Please note that by "giving access to wodim" as illustrated above, you actually
+permit those user accounts to invoke portions of code in wodim, as well as in
+system libraries, as root. This allows any one of those users, or whoever
+might have compromised any of the accounts, to mount attacks on potential
+vulnerabilities in those code paths - and potentially obtain root privileges.
+However, compared to use of sudo (or the like), which would run the entire
+wodim program as root, this is a security improvement.
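Review bot: the new parenthetical in the first paragraph, "only those that specifically support this mode of installation!", does not say which applications those are, and the commands that follow cover only /usr/bin/wodim. Name the supported programs explicitly; readom.1 in this patch still sends readers to this file for SUID installation. Two smaller points: the 4711 recipe, now labelled "usually a bad idea!", is still listed before the restricted 4710 one and could be moved after it, and the closing comparison with sudo relies on wodim running only "portions of code" as root without saying when root is given up, which deserves one sentence.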
--- cdrkit/genisoimage/genisoimage.1
+++ cdrkit/genisoimage/genisoimage.1
@@ -2578,11 +2578,6 @@ combinations of the hide options ...
.\" ----------------------------------------
.SH NOTES
.PP
-.B genisoimage
-may safely be installed suid root. This may be needed to allow
-.B genisoimage
-to read the previous session when creating a multisession image.
-.PP
If
.B genisoimage
is creating a filesystem image with Rock Ridge attributes and the
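Review bot: removing the "may safely be installed suid root" paragraph from NOTES also removes the only mention that reading the previous session for a multisession image may need extra access, and nothing replaces it. Suggest keeping a short sentence in NOTES that says genisoimage should not be installed SUID root and that multisession use needs read access to the device holding the previous session, so readers who followed the old advice learn that it changed.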
@@ -2594,13 +2589,23 @@ This results in a directory called
.B RR_MOVED
in the root directory of the CD. You cannot avoid this directory.
.PP
-Many boot code options for different platforms are mutualy exclusive because
+Many boot code options for different platforms are mutually exclusive because
the boot blocks cannot coexist, ie. different platforms share the same data
locations in the image. See
http://lists.debian.org/debian-cd/2006/12/msg00109.html for details.
.\" ----------------------------------------
.SH BUGS
.PP
+.B genisoimage
+is not designed to handle untrusted directory trees - that is, those where
+at least one directory entry was previously or is currently under control
+of a potential attacker.
+When
+.B genisoimage
+is used on such a tree, compromise of the account running
+.B genisoimage
+(often root) may result.
+.PP
Any files that have hard links to files not in the tree being copied to the
ISO9660 filesystem will have an incorrect file reference count.
.PP
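Review bot: the new BUGS paragraph on untrusted directory trees states the consequence ("compromise of the account running genisoimage (often root) may result") but gives the reader nothing to do about it. Add a sentence recommending that genisoimage be run under an unprivileged account when the tree's origin is not fully trusted. The "mutualy" spelling fix in the same hunk is unrelated to the security wording and would be cleaner as a separate change.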
@@ -2761,7 +2766,8 @@ is derived from
from the
.B cdrtools 2.01.01a08
package from May 2006 (with few updates extracted from cdrtools 2.01.01a24 from
-March 2007) from .IR http://cdrecord.berlios.de/ ,
+March 2007) from
+.IR http://cdrecord.berlios.de/ ,
but is now part of the
.B cdrkit
suite, maintained by Joerg Jaspert, Eduard Bloch, Steve McIntyre, Peter
--- cdrkit/readom/readom.1
+++ cdrkit/readom/readom.1
@@ -360,9 +360,11 @@ login shell.
.PP
Unless you want to risk getting problems,
.B readom
-should be run as root. If you don't want to allow users to become root on your system,
+should be run as root.
+As an option,
.B readom
-may safely be installed suid root.
+may be installed SUID root
+(at your own risk and restricting access to a trusted group of users).
For more information see the additional notes of your system/program
distribution or README.suidroot which is part of the Cdrkit source.
.PP
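Review bot: with the sentence "If you don't want to allow users to become root on your system," removed, the replacement "As an option, readom may be installed SUID root" no longer says what it is an option to, and it directly follows the unchanged advice that readom "should be run as root". Suggest wording such as "Alternatively, to let non-root users run it, readom may be installed SUID root (at your own risk ...)" so the caveat and the use case are both explicit.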
--- cdrkit/wodim/wodim.1
+++ cdrkit/wodim/wodim.1
@@ -72,8 +72,9 @@ and
.PP
In any case, the user running
.B wodim
-needs read and write access to the particular device file on a Linux system. It
-is recommended to be root or install the application as suid-root, because
+needs read and write access to the particular device file on a Linux system.
+It is recommended to be root or install the application as SUID root (at your
+own risk and restricting access to a trusted group of users), because
certain versions of Linux (kernel) limit the set of SCSI commands allowed for
non-root users. Even if usage without root identity is possible in many cases,
some device drivers still may fail, show unexplainable problems and generally
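Review bot: in the added lines the parenthetical "(at your own risk and restricting access to a trusted group of users)" is wedged between "It is recommended to ... install the application as SUID root" and its "because" clause, so the sentence both recommends and disclaims the same action and is hard to parse. Suggest splitting it: give the kernel SCSI command restriction as the reason first, then a separate sentence with the risk caveat and a reference to README.suidroot, which this hunk does not mention.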
@@ -158,7 +159,7 @@ In order to be able to use the SCSI transport subsystem of the OS, run at highes
priority and lock itself into core
.B
wodim
-either needs to be run as root, needs to be installed suid root or
+either needs to be run as root, needs to be installed SUID root (risky) or
must be called via
.B RBACs
pfexec mechanism.
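Review bot: the bare "(risky)" added after "installed SUID root" gives no hint of what the risk is or where it is described, and the same bare tag is used again in the hunk at line 2115. Only the last wodim.1 hunk refers to README.suidroot. Suggest "(risky, see README.suidroot)" at each occurrence so the caveat is actionable wherever the reader lands in the manual page.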
@@ -2115,7 +2116,7 @@ to create a disk that is entirely made of dummy data.
.PP
There are also cases where you either need to be root or install
.B wodim
-executable with suid-root permissions. First, if you are using a device
+executable with SUID root permissions (risky). First, if you are using a device
manufactured before 1999 which requires a non-MMC driver, you should run
.B wodim
in dummy mode before writing data. If you find a problem doing this, please
@@ -2132,7 +2133,8 @@ dummy mode and report trouble to the contact address below.
If you still want to run
.B wodim
with root permissions, you can set the permissions of the executable to
-suid-root. See the additional notes of your system/program distribution or
+SUID root (risky).
+See the additional notes of your system/program distribution or
README.suidroot which is part of the cdrkit source.
.PP
You should not connect old drives that do not support