Author Topic: k3b - mkisofs question (Read 1179 times)

Ice-9 · « **on:** 24 January 2003, 03:20 »

When I run the k3b setup it lists everything ok, both my Lite On DVD and Plextor Writer are recognized, no problem with mkisofs, cdrecord or cdrdao.
I click finish and k3b tells me that it saves the config and is ready for use now.
I start and when I go into configuration I see "Reader" and "Writer" but no devices are associated with them, also mkisofs, cdrecord and cdrdao aren't found.

I noticed that k3bsetup was rw for root only
I did chmod 644 k3bsetup and suddenly my devices were detected in user mode too, so were cdrdao and cdrecord.

Now the problem that remains is mkisofs, it's in the xcdwrite group, I added my user to that group, still not found.
When I chmod 711 mkisofs it works, so the user needs to be able to execute it and being member of the xcdwrite group doesn't do the trick.
Is it safe to chmod mkisofs or shouldn't I do it?

And why is it owned and readable only by root by default?

voidmain · « **Reply #1 on:** 24 January 2003, 03:38 »

It should be safe to let users execute this program as long as the SUID bit is not set. Do an:

$ ls -l `which mkisofs`

If it's owned by root and the first four characters in the permissions group look like "-rws" then that means your users would execute "mkisofs" with root authority. As an FYI mine looks like this:

Code: [Select]

Which means that root and anyone in the "xcdwrite" group can execute it and it will run with root privelages. Other related files:

Code: [Select]

Which means only root and the users in the "cdrecording" group can execute the programs, also run with root privelages.

Now I believe k3b works just fine although I have to admit I only tested it a little when I first installed it several months ago. I do recall having a slight issue with permissions when I first installed it to get it to work for a user but I don't remember exactly what I did to make it work. I could do some more tests if you want. Just let me know.

It's easier to make some of this stuff work if you do use the SUID bit for a root owned file but it is a little less secure depending on the application. The alternative would be to make sure that all of the devices (CD raw devices) and direectories that needing to be written to also are given sufficient permissions for the users that need them.

[ January 23, 2003: Message edited by: void main ]

Ice-9 · « **Reply #2 on:** 24 January 2003, 03:46 »

-rwx--x--x 2 root xcdwrite 456777 Dec 23 15:36 mkisofs

this is what it looks like now, originally it was
-rwx--x---
if I chmod it to match
-rws--x---
it simply isn't found.
and I've added my regular user to the xcdwrite group

Now, what could go wrong with execute permissions for "others" as well as for groups?
I'm the only one with physical access to my machine.

voidmain · « **Reply #3 on:** 24 January 2003, 03:50 »

quote:
Originally posted by Ice9:
-rwx--x--x 2 root xcdwrite 456777 Dec 23 15:36 mkisofs

this is what it looks like now, originally it was
-rwx--x---
if I chmod it to match
-rws--x---
it simply isn't found.
and I've added my regular user to the xcdwrite group

Now, what could go wrong with execute permissions for "others" as well as for groups?
I'm the only one with physical access to my machine.

Can I see xcdwrite group line in your /etc/group file? Also after adding your userid to that group did you log off and back on? Type "$ groups" to make sure you are in the group. Also type "$ mkisofs --help" on the command line and make sure it will execute and give you the help screen.

Ice-9 · « **Reply #4 on:** 24 January 2003, 04:04 »

quote:
Also after adding your userid to that group did you log off and back on?

No I didn't.

quote:
Type "$ groups" to make sure you are in the group. Also type "$ mkisofs --help" on the command line and make sure it will execute and give you the help screen.

Ok, I logged out and back in, I'm in the group and mkisofs --help gives me the help screen.
I put the original permissions back on mkisofs and after logging back in it works.
Thanks void main, saved my day once again!!

Still I'd like to know what could possibly have gone wrong with me adding permission to execute to "others".
I guess tha maybe the files being protected from anyone but root are the main reason why Linux isn't affected by viruses that much!

[ January 23, 2003: Message edited by: Ice9 ]

Master of Reality · « **Reply #5 on:** 24 January 2003, 04:54 »

wouldnt all this be solved by just running k3b as root? Isnt it secure to run it as root?

voidmain · « **Reply #6 on:** 24 January 2003, 05:54 »

It's not that big of a deal to get it to run with the proper user permissions, and it is somewhat safer (e.g. catastrophic application problem can't damage your system).

Ice-9 · « **Reply #7 on:** 24 January 2003, 10:59 »

quote:
Originally posted by MoR:

wouldnt all this be solved by just running k3b as root? Isnt it secure to run it as root?

No, it doesn't run as root, tried that.
Some error with "user not found".

Stop Microsoft

News:

Author Topic: k3b - mkisofs question (Read 1179 times)

Ice-9

k3b - mkisofs question

voidmain

k3b - mkisofs question

Ice-9

k3b - mkisofs question

voidmain

k3b - mkisofs question

Ice-9

k3b - mkisofs question

Master of Reality

k3b - mkisofs question

voidmain

k3b - mkisofs question

Ice-9

k3b - mkisofs question