libburnia
/
libburn
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Replaced setuid blocker by warning. People must know themselves what they do.

Browse Source
ZeroThreeEight
Thomas Schmitt 16 years ago
parent 81c86161a7
commit c4c571f7e3
2 changed files with 16 additions and 14 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 28
      cdrskin/cdrskin.c
  2. 2
      cdrskin/cdrskin_timestamp.h

28
cdrskin/cdrskin.c
Unescape View File

@ -1960,7 +1960,8 @@ set_dev:;
"blanking and burning see output of option -help rather than --help.\n");
printf("Non-cdrecord options:\n");
printf(" --abort_handler do not leave the drive in busy state\n");
printf(" --allow_setuid disable setuid blocker (very insecure !)\n");
printf(
" --allow_setuid disable setuid warning (setuid is insecure !)\n");
printf(
" --any_track allow source_addresses to match '^-.' or '='\n");
printf(" --demand_a_drive exit !=0 on bus scans with empty result\n");
@ -2187,18 +2188,6 @@ final_checks:;
if(flag&1)
goto ex;
if(o->allow_setuid==0 && getuid()!=geteuid()) {
fprintf(stderr,
"cdrskin: SORRY : uid and euid differ. Will abort for safety concerns.\n");
fprintf(stderr,
"cdrskin: HINT : Consider to allow rw-access to the writer device and\n");
fprintf(stderr,
"cdrskin: HINT : to run cdrskin under your normal user identity.\n");
fprintf(stderr,
"cdrskin: HINT : Option --allow_setuid disables this safety check.\n");
ret= 0; goto ex;
}
if(strlen(o->raw_device_adr)>0 && !o->no_whitelist) {
int driveno,hret;
char *adr,buf[Cdrskin_adrleN];
@ -5497,6 +5486,19 @@ int Cdrskin_run(struct CdrskiN *skin, int *exit_value, int flag)
int ret;
*exit_value= 0;
if(skin->preskin->allow_setuid==0 && getuid()!=geteuid()) {
fprintf(stderr,"\n");
fprintf(stderr,"cdrskin: WARNING : THIS PROGRAM WAS TREATED WITH chmod u+s WHICH IS INSECURE !\n");
fprintf(stderr,
"cdrskin: HINT : Consider to allow rw-access to the writer device and\n");
fprintf(stderr,
"cdrskin: HINT : to run cdrskin under your normal user identity.\n");
fprintf(stderr,
"cdrskin: HINT : Option --allow_setuid disables this safety check.\n");
fprintf(stderr,"\n");
}
if(skin->do_devices) {
if(skin->n_drives<=0 && skin->preskin->scan_demands_drive)
{*exit_value= 4; goto no_drive;}

2
cdrskin/cdrskin_timestamp.h
Unescape View File

@ -1 +1 @@
#define Cdrskin_timestamP "2006.12.03.204709"
#define Cdrskin_timestamP "2006.12.09.111108"

Write Preview
Loading…
Cancel
Save