Miscellaneous > Applications
k3b - mkisofs question
Ice-9:
When I run the k3b setup it lists everything ok, both my Lite On DVD and Plextor Writer are recognized, no problem with mkisofs, cdrecord or cdrdao.
I click finish and k3b tells me that it saves the config and is ready for use now.
I start and when I go into configuration I see "Reader" and "Writer" but no devices are associated with them, also mkisofs, cdrecord and cdrdao aren't found.
I noticed that k3bsetup was rw for root only
I did chmod 644 k3bsetup and suddenly my devices were detected in user mode too, so were cdrdao and cdrecord.
Now the problem that remains is mkisofs, it's in the xcdwrite group, I added my user to that group, still not found.
When I chmod 711 mkisofs it works, so the user needs to be able to execute it and being member of the xcdwrite group doesn't do the trick.
Is it safe to chmod mkisofs or shouldn't I do it?
And why is it owned and readable only by root by default?
voidmain:
It should be safe to let users execute this program as long as the SUID bit is not set. Do an:
$ ls -l `which mkisofs`
If it's owned by root and the first four characters in the permissions group look like "-rws" then that means your users would execute "mkisofs" with root authority. As an FYI mine looks like this:
--- Code: ---
--- End code ---
Which means that root and anyone in the "xcdwrite" group can execute it and it will run with root privelages. Other related files:
--- Code: ---
--- End code ---
Which means only root and the users in the "cdrecording" group can execute the programs, also run with root privelages.
Now I believe k3b works just fine although I have to admit I only tested it a little when I first installed it several months ago. I do recall having a slight issue with permissions when I first installed it to get it to work for a user but I don't remember exactly what I did to make it work. I could do some more tests if you want. Just let me know.
It's easier to make some of this stuff work if you do use the SUID bit for a root owned file but it is a little less secure depending on the application. The alternative would be to make sure that all of the devices (CD raw devices) and direectories that needing to be written to also are given sufficient permissions for the users that need them.
[ January 23, 2003: Message edited by: void main ]
Ice-9:
-rwx--x--x 2 root xcdwrite 456777 Dec 23 15:36 mkisofs
this is what it looks like now, originally it was
-rwx--x---
if I chmod it to match
-rws--x---
it simply isn't found.
and I've added my regular user to the xcdwrite group
Now, what could go wrong with execute permissions for "others" as well as for groups?
I'm the only one with physical access to my machine.
voidmain:
quote:Originally posted by Ice9:
-rwx--x--x 2 root xcdwrite 456777 Dec 23 15:36 mkisofs
this is what it looks like now, originally it was
-rwx--x---
if I chmod it to match
-rws--x---
it simply isn't found.
and I've added my regular user to the xcdwrite group
Now, what could go wrong with execute permissions for "others" as well as for groups?
I'm the only one with physical access to my machine.
--- End quote ---
Can I see xcdwrite group line in your /etc/group file? Also after adding your userid to that group did you log off and back on? Type "$ groups" to make sure you are in the group. Also type "$ mkisofs --help" on the command line and make sure it will execute and give you the help screen.
Ice-9:
quote: Also after adding your userid to that group did you log off and back on?
--- End quote ---
No I didn't.
quote: Type "$ groups" to make sure you are in the group. Also type "$ mkisofs --help" on the command line and make sure it will execute and give you the help screen.
--- End quote ---
Ok, I logged out and back in, I'm in the group and mkisofs --help gives me the help screen.
I put the original permissions back on mkisofs and after logging back in it works.
Thanks void main, saved my day once again!!
Still I'd like to know what could possibly have gone wrong with me adding permission to execute to "others".
I guess tha maybe the files being protected from anyone but root are the main reason why Linux isn't affected by viruses that much!
[ January 23, 2003: Message edited by: Ice9 ]
Navigation
[0] Message Index
[#] Next page
Go to full version