From c4c571f7e34e62596b0c4008c200f7a8a3c8801c Mon Sep 17 00:00:00 2001 From: Thomas Schmitt Date: Sat, 9 Dec 2006 11:09:42 +0000 Subject: [PATCH] Replaced setuid blocker by warning. People must know themselves what they do. --- cdrskin/cdrskin.c | 28 +++++++++++++++------------- cdrskin/cdrskin_timestamp.h | 2 +- 2 files changed, 16 insertions(+), 14 deletions(-) diff --git a/cdrskin/cdrskin.c b/cdrskin/cdrskin.c index b59e22b..080e648 100644 --- a/cdrskin/cdrskin.c +++ b/cdrskin/cdrskin.c @@ -1960,7 +1960,8 @@ set_dev:; "blanking and burning see output of option -help rather than --help.\n"); printf("Non-cdrecord options:\n"); printf(" --abort_handler do not leave the drive in busy state\n"); - printf(" --allow_setuid disable setuid blocker (very insecure !)\n"); + printf( + " --allow_setuid disable setuid warning (setuid is insecure !)\n"); printf( " --any_track allow source_addresses to match '^-.' or '='\n"); printf(" --demand_a_drive exit !=0 on bus scans with empty result\n"); @@ -2187,18 +2188,6 @@ final_checks:; if(flag&1) goto ex; - if(o->allow_setuid==0 && getuid()!=geteuid()) { - fprintf(stderr, - "cdrskin: SORRY : uid and euid differ. Will abort for safety concerns.\n"); - fprintf(stderr, - "cdrskin: HINT : Consider to allow rw-access to the writer device and\n"); - fprintf(stderr, - "cdrskin: HINT : to run cdrskin under your normal user identity.\n"); - fprintf(stderr, - "cdrskin: HINT : Option --allow_setuid disables this safety check.\n"); - ret= 0; goto ex; - } - if(strlen(o->raw_device_adr)>0 && !o->no_whitelist) { int driveno,hret; char *adr,buf[Cdrskin_adrleN]; @@ -5497,6 +5486,19 @@ int Cdrskin_run(struct CdrskiN *skin, int *exit_value, int flag) int ret; *exit_value= 0; + + if(skin->preskin->allow_setuid==0 && getuid()!=geteuid()) { + fprintf(stderr,"\n"); + fprintf(stderr,"cdrskin: WARNING : THIS PROGRAM WAS TREATED WITH chmod u+s WHICH IS INSECURE !\n"); + fprintf(stderr, + "cdrskin: HINT : Consider to allow rw-access to the writer device and\n"); + fprintf(stderr, + "cdrskin: HINT : to run cdrskin under your normal user identity.\n"); + fprintf(stderr, + "cdrskin: HINT : Option --allow_setuid disables this safety check.\n"); + fprintf(stderr,"\n"); + } + if(skin->do_devices) { if(skin->n_drives<=0 && skin->preskin->scan_demands_drive) {*exit_value= 4; goto no_drive;} diff --git a/cdrskin/cdrskin_timestamp.h b/cdrskin/cdrskin_timestamp.h index 37e542b..172ad05 100644 --- a/cdrskin/cdrskin_timestamp.h +++ b/cdrskin/cdrskin_timestamp.h @@ -1 +1 @@ -#define Cdrskin_timestamP "2006.12.03.204709" +#define Cdrskin_timestamP "2006.12.09.111108"