Re: Brasero 2.27.91 release
- From: Mario <mario danic gmail com>
- To: Joerg Schilling <Joerg Schilling fokus fraunhofer de>
- Cc: brasero-list gnome org
- Subject: Re: Brasero 2.27.91 release
- Date: Wed, 2 Sep 2009 13:43:05 +0200
Yes, indeed ... you are annoying and choose to ignore the facts.
libburnia is nonportable and in addition it is based on a Linux
specific security risk. Linux allows non-privileged
users to send some SCSI commands that are needed for
very simplified CD writing. For a complete solution
this still is only _parts_ from what is needed and even
on Linux, you would need root privileges.
Security risks, security risks. Yes, our "simplified" burning works better in most cases then
what you call complete burning ... or whatever. Yes, we need root privileges ... umm...
how about NO?! Get your facts straight dude.
Other OS security is handled more serious and as a result,
users of libburnia would need to run suid root. This is
a no-go for X11 based applications as they are too complex
in order to audit them against potential buffer overflows
and other problems.
Yes, of course. We need to go SUID root. Tons of burned mediums prove that. NO!
Calling carefully audited suid root programs like cdrtools
is the solution for this security risk. BTW: once Linux
implements a complete solution for fine grained privileges,
support could be added to cdrtools. The related support for
Solaris is in cdrtools since several years.
I think you are a very capable developer. But you are also a very non-capable
communicator.
Just another note: this project claims not to include any
byte from cdrtools. Last weekend, it turned out that this
is not true. Shouldn't OSS projects be honest to their
users if they take code from other projects?
You never responded to my claim about that. So please stop talking non-sense.
Cheers,
Mario
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
