Date: Fri, 16 Aug 1996 23:17:57 +0200 (MET DST) From: J Wunsch <j@uriah.heep.sax.de> To: bwithrow@BayNetworks.com (Robert Withrow) Cc: xmcd@amb.org, hackers@FreeBSD.org Subject: Re: XMCD problem on FreeBSD 2.1.5 Message-ID: <199608162117.XAA07834@uriah.heep.sax.de> In-Reply-To: <199608161926.PAA07167@tuva.engeast.baynetworks.com> from Robert Withrow at "Aug 16, 96 03:26:04 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
As Robert Withrow wrote: > When I run xmcd every attempt to access the cdrom yields: > > CD audio: ioctl error on /dev/rwcd0c: cmd=CDIOREADTOCENTRYS errno=22 That's ``invalid argument''. Check the arguments to the ioctl call, or better, check the ioctl implementation in the wcd driver. > And this is how xmcd is installed: > > -rws--x--x 1 root bin 1508034 Jul 10 05:26 /usr/X11R6/bin/xmcd It's a potential security hole. Since xmcd doesn't have to use raw SCSI commands in FreeBSD, but can get at the CD-ROM device with comfortable ioctl's, there's no need for running it setuid. As you can see, its suidness won't help for broken drivers either. :) -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199608162117.XAA07834>