You are not logged in.

#1 2004-08-16 08:27:18

tpowa
Developer
From: Lauingen , Germany
Registered: 2004-04-05
Posts: 2,260

k3b will not work as user with 2.6.8.1

i build the new kernel 2.6.8.1 with the old PKGBUILD from 2.6.7 and config
--> k3b will stop working with 2.6.7 all is fine

see bug entry here:
http://bugs.archlinux.org/?do=details&id=1256

EDIT:
Burning as root does work only user is affected

Offline

#2 2004-08-16 10:25:23

dp
Member
From: Zürich, Switzerland
Registered: 2003-05-27
Posts: 3,363
Website

Re: k3b will not work as user with 2.6.8.1


The impossible missions are the only ones which succeed.

Offline

#3 2004-08-16 11:08:02

tpowa
Developer
From: Lauingen , Germany
Registered: 2004-04-05
Posts: 2,260

Re: k3b will not work as user with 2.6.8.1

cdrecord is setuid :-(
i don't change the permissions of it
it's a kernel bug or k3b bug
i've read on bugs.kde.org that 2.6.8rc4 doesn't have this problem ...
strange thing

Offline

#4 2004-08-16 12:46:23

dp
Member
From: Zürich, Switzerland
Registered: 2003-05-27
Posts: 3,363
Website

Re: k3b will not work as user with 2.6.8.1

http://www.k3b.org/ -> news:


Do not use Kernel 2.6.8

A patch that was introduced into the kernel shortly before the 2.6.8 release makes K3b and also the dvd+rw-tools unusable on Linux (unless run as root but that is not recommended). The very important GET CONFIGURATION MMC command is rejected by the kernel for reasons I cannot see and writing commands like MODE SELECT also fail (K3b cannot detect CD writers without it) even when the device is opened O_RDWR. Until this issue has been solved I strongly recommend to stick to kernel version 2.6.7.


The impossible missions are the only ones which succeed.

Offline

#5 2004-08-16 20:53:23

sarah31
Member
From: Middle of Canada
Registered: 2002-08-20
Posts: 2,975
Website

Re: k3b will not work as user with 2.6.8.1

why would you file a bug about a this? it is silly to ask the package maintainers to take care of bugs that don't officially exist yet , as in the 2.6.8 kernel is not an official package so the bug is not  a bug. it is a k3b development issue not an arch one.


AKA uknowme

I am not your friend

Offline

#6 2004-08-16 22:01:23

dp
Member
From: Zürich, Switzerland
Registered: 2003-05-27
Posts: 3,363
Website

Re: k3b will not work as user with 2.6.8.1

sarah31 wrote:

why would you file a bug about a this? it is silly to ask the package maintainers to take care of bugs that don't officially exist yet , as in the 2.6.8 kernel is not an official package so the bug is not  a bug. it is a k3b development issue not an arch one.

can't agree more :-)

... and besides, i think, it's a 2.6.8.1 issue and not k3b

k3b works perfect with the 2.6.7XXXX and the problem came up from 2.6.8-rc4->2.6.8 and stayed in 2.6.8.1


The impossible missions are the only ones which succeed.

Offline

#7 2004-08-17 06:04:32

tpowa
Developer
From: Lauingen , Germany
Registered: 2004-04-05
Posts: 2,260

Re: k3b will not work as user with 2.6.8.1

i simply wanted to warn the users
i think it's better to warn until a lot of users will have trouble
i think most people use k3b to burn cds if they do not use the command line
i flagged out the kernel package 3 days ago and don't know when judd release it so i tested it if it's true and posted this bug
bye

Offline

#8 2004-08-17 07:54:39

tpowa
Developer
From: Lauingen , Germany
Registered: 2004-04-05
Posts: 2,260

Re: k3b will not work as user with 2.6.8.1

the new mm1 kernel contains the bug too

Offline

#9 2004-08-17 11:38:31

delmonico
Member
Registered: 2004-06-27
Posts: 82

Re: k3b will not work as user with 2.6.8.1

Solution for 2.6.8: http://marc.theaimsgroup.com/?l=linux-k … 604538&w=2
quick'n'dirty hack wink

Offline

#10 2004-08-17 12:11:46

tpowa
Developer
From: Lauingen , Germany
Registered: 2004-04-05
Posts: 2,260

Re: k3b will not work as user with 2.6.8.1

> This patch restores the behaviour of previous kernels, security issues included:

Like allowing any user to erase your drive firmware. What you could do
which is much more useful is printk the command byte that gets refused
and see if you can pin down what commands are being blocked that
are needed by K3B

Alan Cox

Offline

#11 2004-08-17 12:13:53

tpowa
Developer
From: Lauingen , Germany
Registered: 2004-04-05
Posts: 2,260

Re: k3b will not work as user with 2.6.8.1

From K3b Homepage:

Update: The kernel guys are currently fixing the problem so the next kernel release should work again. smile

Offline

#12 2004-08-17 13:15:59

dp
Member
From: Zürich, Switzerland
Registered: 2003-05-27
Posts: 3,363
Website

Re: k3b will not work as user with 2.6.8.1

i find it great that we are warned - great job for all the provided infos

but please close the bug against k3b with "not a bug", because
1) the 2.6.8.1 is not yet a pkg
2) it's the kernel and not k3b that causes trouble


The impossible missions are the only ones which succeed.

Offline

#13 2004-08-17 15:21:24

sarah31
Member
From: Middle of Canada
Registered: 2002-08-20
Posts: 2,975
Website

Re: k3b will not work as user with 2.6.8.1

oh and just to be a jerk .... [lecture] you should not be able to burn as user anyway. it is a security risk. that is what sudo is for[/lecture]


AKA uknowme

I am not your friend

Offline

#14 2004-08-17 15:33:02

dp
Member
From: Zürich, Switzerland
Registered: 2003-05-27
Posts: 3,363
Website

Re: k3b will not work as user with 2.6.8.1

sarah31 wrote:

oh and just to be a jerk .... [lecture] you should not be able to burn as user anyway. it is a security risk. that is what sudo is for[/lecture]

do you burn cds under macOSx as root?

if using a frontend (k3b) it should be able to be run as user and work

writing to hdd is also possible as user :-)


The impossible missions are the only ones which succeed.

Offline

#15 2004-08-17 16:09:18

colnago
Member
From: Victoria, BC
Registered: 2004-03-25
Posts: 438

Re: k3b will not work as user with 2.6.8.1

sarah31, I have long wondered what the security problems were in allowing users to burn cds.  Do they apply to usb devices too?  As dp says, the hdd is a removable storage medium too, only the eject is by turning a screwdriver instead of pushing a button. 

I will go look for myself.

OK, so it is the setuid to root that is the risk.  For example, here is from the gcombust page:

How do I allow running gcombust as non-root?

This discussion might be Linux centric. If it doesn't apply for your favorite OS, send an addition, meaningless OS-war complaints will be ignored.

gcombust shouldn't be ran as root (running it as root won't make you self-combust, but it's nevertheless a good idea to minimize root usage).

There are two reasons for running cdrecord with root priviligies; 1) real time priority and 2) locking the buffers (so they can't get swapped out). cdrecord can be run without root privligies, but it increases the chance of a buffer underrun. cdrecord also needs read/write access to the cdr-device (for making multisession cd:s mkisofs also needs read access to the device). Please understand that making cdrecord suid root is a security risk.

Offline

#16 2004-08-17 18:48:59

sarah31
Member
From: Middle of Canada
Registered: 2002-08-20
Posts: 2,975
Website

Re: k3b will not work as user with 2.6.8.1

dp wrote:
sarah31 wrote:

oh and just to be a jerk .... [lecture] you should not be able to burn as user anyway. it is a security risk. that is what sudo is for[/lecture]

do you burn cds under macOSx as root?

yes and no. when i am burnming an audio cd from files in itunes no. all other cases yes.

if using a frontend (k3b) it should be able to be run as user and work

writing to hdd is also possible as user :-)

sure most people want to burn as user and i can undderstand that but that does not change the fact that it is insecure.  with you apps set to burn as user any schmoe wandering into your room while your computer is on can burn whatever they like including dotfiles, config files and other files that may hold you secrets of life the universe and everything.

like i say i was just being an ass. i don't care what people do. hell when I burn DVDs in linux growisofs is running as user.


AKA uknowme

I am not your friend

Offline

#17 2004-08-17 20:17:36

dp
Member
From: Zürich, Switzerland
Registered: 2003-05-27
Posts: 3,363
Website

Re: k3b will not work as user with 2.6.8.1

sarah31 wrote:

sure most people want to burn as user and i can undderstand that but that does not change the fact that it is insecure.  with you apps set to burn as user any schmoe wandering into your room while your computer is on can burn whatever they like including dotfiles, config files and other files that may hold you secrets of life the universe and everything.


i don't really have secrets as such (maybe some ideas for some cool projects in molecular biology, but you must at least be student in biology to understand them)

for some reason, a user has also a password - you can lock the screen and rude people (people who do not ask before wanting to use a computer that does not belong to them) will have some difficulties accessing your "secrets"

on the other hand - if the "bad person" comes with an usb-stick, it can be mounted also as user (at least i have rw,users in the fstab for external drives) and the trouble is there


actually, it's a fundamental question: the old "unix-style" is to be paranoic: floppies, extenal drives and everything to be able to export data is limited to root

linux, at least i think, is more "open"... it's not that paranoic and at least on the normal users computer you allow external drives to be used by users --- on the other hand, if someone can run a browser and have a webmail account, this person can export any data it has access to; so you must forbid browsers to users to be "secure"


The impossible missions are the only ones which succeed.

Offline

#18 2004-08-17 21:20:02

aCoder
Member
From: Medina, OH
Registered: 2004-03-07
Posts: 359
Website

Re: k3b will not work as user with 2.6.8.1

but please close the bug against k3b with "not a bug", because
1) the 2.6.8.1 is not yet a pkg

It is now! smile


If you develop an ear for sounds that are musical it is like developing an ego. You begin to refuse sounds that are not musical and that way cut yourself off from a good deal of experience.
  - John Cage

Offline

#19 2004-08-17 22:03:00

dp
Member
From: Zürich, Switzerland
Registered: 2003-05-27
Posts: 3,363
Website

Re: k3b will not work as user with 2.6.8.1

aCoder wrote:

but please close the bug against k3b with "not a bug", because
1) the 2.6.8.1 is not yet a pkg

It is now! smile

ok, now the bug has an excuse (but it should be against the kernel and not k3b, because the kernel must be patched)

when i'm creating the kernel26mm, i will patch it to be usable to burn as user (let users burn!!! ;-) )


The impossible missions are the only ones which succeed.

Offline

#20 2004-08-26 18:11:10

Comete
Member
From: France
Registered: 2003-08-03
Posts: 46

Re: k3b will not work as user with 2.6.8.1

hi !

i've updated my kernel with the last package release (2.6.8.1-3) on which the patch is applied but it doesn't work either. K3B doesn't detect my IDE DVD burning drive as a user. But it works well as root.
cdrecord, cdrdao and dvdrecord are all set SUID.

Any idea ?

Comete

Offline

#21 2004-10-02 19:59:32

frobelhof
Member
Registered: 2004-10-02
Posts: 16

Re: k3b will not work as user with 2.6.8.1

Hi all,

To add some confusion I present the following:

On Desktop, "up to date" with kernel 2.6.8.1 and latest "pacman -Suy"  I can burn CD's as any user. There are a cd and DVD burner in the system. On my laptop however, with a self compiled kernel 2.6.8.1 it will not work. sad

Now that I am typing this, it occurs to me that I got the kernel source from www.kernel.org. Is the arch-kernel patched perhaps? Where would I obtain the patched arch kernel source?

Offline

#22 2004-10-02 23:50:04

dp
Member
From: Zürich, Switzerland
Registered: 2003-05-27
Posts: 3,363
Website

Re: k3b will not work as user with 2.6.8.1

frobelhof wrote:

Hi all,

To add some confusion I present the following:

On Desktop, "up to date" with kernel 2.6.8.1 and latest "pacman -Suy"  I can burn CD's as any user. There are a cd and DVD burner in the system. On my laptop however, with a self compiled kernel 2.6.8.1 it will not work. sad

Now that I am typing this, it occurs to me that I got the kernel source from www.kernel.org. Is the arch-kernel patched perhaps? Where would I obtain the patched arch kernel source?

yes, the 2.6.8.1 kernels in arch are patched to behave like a 2.6.7

with patch as separate file: (kernel26)
http://cvs.archlinux.org/cgi-bin/viewcv … ag=CURRENT

or sed in PKGBUILD: (kernel26mm)
http://cvs.archlinux.org/cgi-bin/viewcv … ag=CURRENT


The impossible missions are the only ones which succeed.

Offline

#23 2004-10-03 08:21:34

frobelhof
Member
Registered: 2004-10-02
Posts: 16

Re: k3b will not work as user with 2.6.8.1

dp wrote:

yes, the 2.6.8.1 kernels in arch are patched to behave like a 2.6.7

with patch as separate file: (kernel26)
http://cvs.archlinux.org/cgi-bin/viewcv … ag=CURRENT

or sed in PKGBUILD: (kernel26mm)
http://cvs.archlinux.org/cgi-bin/viewcv … ag=CURRENT

Yeah I found something about this just after I posted, What it comes down to basically (at least what I did) is erase line 196-198 from /usr/src/linux/drivers/block/scsi_ioctl.c and recompile the kernel.

At least this worked for me. (I am not a regular patcher and did not know how to apply one smile so I figured this would come down to the same. )

Offline

#24 2004-10-03 08:59:16

dp
Member
From: Zürich, Switzerland
Registered: 2003-05-27
Posts: 3,363
Website

Re: k3b will not work as user with 2.6.8.1

frobelhof wrote:
dp wrote:

yes, the 2.6.8.1 kernels in arch are patched to behave like a 2.6.7

with patch as separate file: (kernel26)
http://cvs.archlinux.org/cgi-bin/viewcv … ag=CURRENT

or sed in PKGBUILD: (kernel26mm)
http://cvs.archlinux.org/cgi-bin/viewcv … ag=CURRENT

Yeah I found something about this just after I posted, What it comes down to basically (at least what I did) is erase line 196-198 from /usr/src/linux/drivers/block/scsi_ioctl.c and recompile the kernel.

At least this worked for me. (I am not a regular patcher and did not know how to apply one smile so I figured this would come down to the same. )

exactly! this lines would allow only root to "send" some commands to the cd-rw drive


The impossible missions are the only ones which succeed.

Offline

Board footer

Powered by FluxBB