Re: 2.6.8.1 Mis-detect CRDW as CDROM

[Christer Weinigel <christer@weinigel.se>]

Frank Steiner <fsteiner-mail@bio.ifi.lmu.de> writes:

> So what's the target in this process? Should users finally be able to
> write cds again without or only with suid bit set? It would be good to
> know if I should try to set all cd writing applications suid or just
> have to wait for some patches coming up that would allow users to
> write cds without suid again...

As far as I can tell the goal is:

    With read permissions on the device you should be able to read
    from the device, such as ripping from a CD.  So all known commands
    that don't change the state of the CD should be ok.

    With write permissions you should be able to write to media, for
    example write to a tape or blank and burn a CDRW.

    For all unknown commands you need CAP_SYS_RAWIO (which for most
    system means root permissions).  So reflashing the firmware of a
    CD needs root permissions.

Some commands are a bit questionable though, for example, should it be
possible to use GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL with only read
permissions?  

The MODE_SELECT command I belive is needed for read on some tape
drives because tape parameters such as compression and tape density
are configured this way.  But there might be a device where a
MODE_SELECT on a vendor configuration page might destroy the device,
so it might not be such a good idea to allow MODE_SELECT and in that
case I don't know how it should be handled.

Hopefully all commands needed for CD/DVD reading and writing are safe
enough to be allowed with just read or write permission.

  /Christer

-- 
"Just how much can I get away with and still go to heaven?"

Freelance consultant specializing in device driver programming for Linux 
Christer Weinigel <christer@weinigel.se>  http://www.weinigel.se