[luau] Duplicating Music CD

Vince Hoang luau at ml.altern8.net
Mon Dec 9 11:16:00 PST 2002


On Mon, Dec 09, 2002 at 07:22:50AM -1000, W. Wayne Liauh wrote:
> Most distros, RH included, now offer a number of "security"
> options during installation. Only a moron OS (i.e., Linux)
> would require root privilege to copy a CD by default at
> "standard" security. :-)

With SUID, the application runs as root anyway. You merely
avoid the process of having to su or sudo. I look at cd writing
utilities in similar light to dd and mkfs.

> When you run xcdroast for the first time as a non-root, it will
> prompt you to log in as root, to change its configuration in
> order to allow non-noot users. But for some reason, the Red
> Hat version of xcdroast rpm only turns on the setuid bit for
> cdda2wav, but not cdparanoia. This is where the problem arose.

That ultimately should be up to the application, especially
if the package manager does not. I do not think most package
managers are smart enough to know if a package should be
installed in a high/med/low security situation. I have seen the
prompt during OS installation, but that does usually affect how
future packages are installed. I will probably install Mandrake
and Red Hat on a test box to see how much things have changed
now.

> Point to be taken: Don't just give someone a Linux CD and
> expect him/her to fall in love with it. It is important to
> accumulate experience. You will be surprised how much just a
> small modification (from the stock distro) can to do improve
> its image.

But which image? It took a long time for distributions to ship
inetd _without_ 10+ services running out of it by default. Red
Hat was brave enough to offer xinetd early on to better control
what services are running. I think that it is wonderful that some
distributions are shipping software to configure firewall rules
during installation.

I suppose what I really want is role-based access controls to
become widespread. Then certain users can be given privileges
to run software that can write to the raw device. Standard unix
group permissions are probably not verstile enough to do that
well.

I acknowledge that my views do not make Linux more friendly to
the newbie. Windows gives you the power to write CDs without
being administrator. It also lets you format your hard drive by
loading an URL.

-Vince



More information about the LUAU mailing list