[Libcdio-devel] Re: libcdio-0.83git on Solaris

libcdio-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Libcdio-devel] Re: libcdio-0.83git on Solaris

From:	Thomas Schmitt
Subject:	[Libcdio-devel] Re: libcdio-0.83git on Solaris
Date:	Wed, 09 Jun 2010 17:38:35 +0200

Hi,

> > Executing SCSI commands needs superuser
> > authority.

> It has been a while, but I think have running a suid program would be
> sufficient. And going further it might be that being in the right
> administrative group with would be okay too.

I did not test yet whether suid works. (Solaris
is somewhat strange and somewhat familiar.)
Actually there is no user "root" but just a
role with that name and UID 0.
E.g. i cannot login as root but only as normal
user and then aquire the root role via su.

The preferred way to do privileged activities
seems to be
  pfexec ...command.and.options...

It is not a problem to gain the power for SCSI.
The problem is that you also gain the power to
spoil your hard disk and to read any file.

I learned meanwhile that i want the privilege
PRIV_SYS_DEVICES. I could use usermod(1) to give
this power to the normal user.
That would solve the problem of undesired read
permissions but not block the opportunity to 
destroy the disk filesystem.

What i look for is a method to gain
PRIV_SYS_DEVICES from within the program. So
that the user does not run risk with any normal
program but only with xorriso.
And xorriso is quite reluctant to operate on
non-CD devices.

So the risk of shooting the own foot would
become acceptable.

I will make experiments with getpriv(2),
setpriv(2), and others. 
  http://compute.cnr.berkeley.edu/cgi-bin/man-cgi?privileges+5

------------------------------------------------

> > - perform ioctl(DKIOCINFO) and check .dki_ctype

> I don't any reason not to do this. Do you?

Not yet.
I assume DKIO needs no PRIV_SYS_DEVICES.

> > LIBCDIO_SOLARIS_WITH_CD_INQUIRY
> I gather by this you are suggesting adding an option to libcdio's configure
> script.

I'd rather propose to throw it out after tests
with older Solaris versions show that the DKIO
method works. (Versions released between 2006
and 2010 would be of interest. Olders should
still use vold addresses.)

I know that SCSI INQUIRE is very old and very
standard. About age and API stability of DKIO
i am rather unsure.
So i kept my first CD recognizer code in the
patch as fallback. But DKIO appears to be better.


Have a nice day :)

Thomas

[Prev in Thread]

Current Thread

[Next in Thread]

[Libcdio-devel] libcdio-0.83git on Solaris, Thomas Schmitt, 2010/06/08
- [Libcdio-devel] Re: libcdio-0.83git on Solaris, Thomas Schmitt, 2010/06/08
  - Re: [Libcdio-devel] Re: libcdio-0.83git on Solaris, Rocky Bernstein, 2010/06/09
- Re: [Libcdio-devel] libcdio-0.83git on Solaris, Rocky Bernstein, 2010/06/09
  - [Libcdio-devel] Re: libcdio-0.83git on Solaris, Thomas Schmitt <=
  - [Libcdio-devel] Re: libcdio-0.83git on Solaris, Thomas Schmitt, 2010/06/10

Prev by Date: Re: [Libcdio-devel] Re: libcdio-0.83git on Solaris
Next by Date: [Libcdio-devel] Re: libcdio-0.83git on Solaris
Previous by thread: Re: [Libcdio-devel] libcdio-0.83git on Solaris
Next by thread: [Libcdio-devel] Re: libcdio-0.83git on Solaris
Index(es):
- Date
- Thread