Re: cdrdao insecure filehandling

From: Luciano Miguel Ferreira Rocha (strangeat_private)
Date: Wed Jan 16 2002 - 17:22:28 PST

    On Wed, Jan 16, 2002 at 02:49:13PM +0100, martin f krafft wrote:
    > but then you have to be root to burn CDs. there is a reason why cdrdao
    > is setuid - it needs access to root-owned device files like /dev/scd0
    > and /dev/sg0 (on Linux that is).
    
    On RedHat's distribution, and I believe many others based on PAM, the owner
    of those files (or any other so configured) is changed to the user on the
    console when he loggs in.
    
    The PAM module responsible for the change of permissions is pam_console.so,
    and the file describing the permissions is /etc/security/console.perms.
    Just see man pam_console for more details.
    
    Regards,
    Luciano Rocha
    
    PS: obviously, I don't know whether Debian uses PAM or not...
    
    -- 
    Luciano Rocha, strangeat_private
    
    The trouble with computers is that they do what you tell them, not what
    you want.
                    -- D. Cohen
    



    This archive was generated by hypermail 2b30 : Thu Jan 17 2002 - 08:53:59 PST