Greetings SuSeLand, I'm trying to run a program cdcd that is getting a permission denied error on /dev/cdrom. (Seems like cdcd ran fine on a previous SuSE release.) My ls -al /dev/cdrom shows: lrwxrwxrwx 1 root root 3 Dec 14 19:07 /dev/cdrom -> hdd and /dev/hdd shows: brw-rw---- 1 root disk 22, 64 Nov 8 13:48 /dev/hdd I did a chmod +rx /dev/hdd and things work. But is this the right way to do it? from a security standpoint? Environment:SuSE 6.3 2.2.14 tia steve. Python kicks butt! Steven Pauly (281) 496-8041 (steve.pauly@glm.com) Global Marine Drilling Co. / Houston / Tx / 77079 stevep@brokersys.com / stevep@bash.linux-shell.net -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
cdrom should not be executable.
Should only be readable. (after all, it's a read-only device).
Create a group ``cdrom'' perhaps, chown root.cdrom /dev/hdd, chmod 0440
/dev/hdd.
make programs like cdcd sgid cdrom (if you trust the program), or put
trusted users in group cdrom. The latter is preferred.
----- Original Message -----
From: "Steven Pauly"
And be sure to turn of "check permissions" in the main config file in yast. Keith Warno wrote:
cdrom should not be executable.
Should only be readable. (after all, it's a read-only device).
Create a group ``cdrom'' perhaps, chown root.cdrom /dev/hdd, chmod 0440 /dev/hdd.
make programs like cdcd sgid cdrom (if you trust the program), or put trusted users in group cdrom. The latter is preferred.
-- Michael H. Collins http://www.linuxlink.com 512-442-3151 512-656-9508 The Ultimate WM http://www.xfce.org Fun with the Austin Linux group http://www.austinlug.org -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
participants (3)
-
keith@HaggleWare.com
-
mhtexcollins@austin.rr.com
-
stevep@brokersys.com