30 May
2013
30 May
'13
03:46
On Wed, 29 May 2013 20:28:48 -0400
Mark Misulich
Yast> Security&Users> User and Group management> Edit User> and add "disk" and "cd-rom" groups.
Remove user from "disk" group. It makes possible for normal user to write whatever it wants to any of your disk devices (/dev/sdaX) bypassing regular file system. ~> ll /dev/sda brw-rw---- 1 root disk 8, 0 May 29 18:31 /dev/sda ^^^^ Disk /dev/sda belongs to group disk, so right now you have the same right as root. Imagine some sound source writing directly to your disk. -- Regards, Rajko. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org