On Fri, 2004-Oct-15 20:48:35 +0930, Daniel O'Connor wrote: >cdrecord et al talk to the writer directly via xpt and pass, so if you want to >allow non-root users to burn CD/DVDs you need to allow them access to pass >and xpt (which is pretty bad from a security point of view..) It seems I got confused by an error message. The dvdauthor tools (dvd+rw-*) use /dev/cd* and I get errors like: server% dvd+rw-format /dev/cd0c * DVD±RW/-RAM format utility by <appro_at_fy.chalmers.se>, version 4.10. :-( unable to open("/dev/cd0c"): Permission denied server% Studying a ktrace, it seems that all it uses /dev/cd0c for it to issue a CAMGETPASSTHRU and then it opens /dev/passN but when that fails, it issues the above error message :-(. Changing the permissions on /dev/pass0 as well makes it work. >It sucks having to choose between features (growisofs, cdrecord, cdda2wav) and >security (burncd) Since you can identify the pass/xpt/cd device associated with the ATAPI device, it should be safe to make those devices world or group writable even if there are other SCSI devices on the system. -- Peter JeremyReceived on Fri Oct 15 2004 - 19:43:22 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:17 UTC