udev sets permissions for partitions to root:root which is ok, but it sets permissions for disks to root:disk. That means every ordinary user with group disk can run commands like this: cat /dev/hda /home/foobar/out.txt dd if=/dev/zero of=/dev/hda That should not be possible. If a program has a security hole and runs one of this commands, it can damage the whole system without root permissions. Problem is already discussed here: http://forums.gentoo.org/viewtopic-p-2597592.html#2597592 Reproducible: Always Steps to Reproduce: Attention! Do not perform the following actions, just read it ! 1. Login with a user in group disk 2. Run dd if=/dev/zero of=/dev/hda 3. Reinstall gentoo *g*
*** This bug has been marked as a duplicate of 100115 ***