Comment 1 Alin Năstac (RETIRED) 2004-09-07 22:08:30 UTC

Created attachment 39179 [details, diff]
scsi-remote.c.diff

Resolve MDKSA-2004:091 issue.

Comment 2 Sune Kloppenborg Jeppesen (RETIRED) 2004-09-07 22:42:30 UTC

Pylon please verify and apply.

Mandrake advisory:

Max Vozeler found that the cdrecord program, which is suid root, fails to drop euid=0 when it exec()s a program specified by the user through the $RSH environment variable. This can be abused by a local attacker to obtain root privileges.


This has been assigned CAN-2004-0806

Comment 3 Lars Weiler (RETIRED) 2004-09-08 07:13:32 UTC

We don't install cdrecord suid root by default.  The user has to act to change it's state.  E.g. k3b's setup utility allows to change the state, but we warn about it during installation of k3b.

I don't think that we need to apply the patch.  Security-team, you have the last word.

Comment 4 Alin Năstac (RETIRED) 2004-09-08 07:27:13 UTC

My 2 eurocents:
I think it would be best to apply this patch, even if security don't issue a glsa. Prolly there are gentooers who choosed to suid their cdrecord. Why not secure their cdrecord?

Comment 5 Thierry Carrez (RETIRED) 2004-09-08 07:50:08 UTC

I would say the patch should be applied. It's not the first time that we issue a GLSA on a non-by-default setup. And cdrecord must be SUID on a lot of machines.

Comment 6 solar (RETIRED) 2004-09-08 16:52:12 UTC

I would add the patch and skip the GLSA process.

Comment 7 SpanKY 2004-09-08 20:05:27 UTC

agreed, theres no reason not to add the patch

although people would have to +s cdrecord themselves i'd imagine people do since k3b supports it as such

Comment 8 Sune Kloppenborg Jeppesen (RETIRED) 2004-09-09 12:05:08 UTC

Pylon please apply the patch.

Comment 9 solar (RETIRED) 2004-09-13 22:47:06 UTC

The maintainer took to long so I added the patch to the following ebuilds.
cdrtools-2.01_alpha28-r2.ebuild
cdrtools-2.01_alpha37-r1.ebuild

We should still probably have the arches mark these stable. 
Perferably 2.01_alpha37-r1 and then remove the old ebuilds.

cdrtools-2.01_alpha28-r2
KEYWORDS="~x86 ~ppc ~sparc ~alpha ~hppa ~amd64 ~ia64 ~ppc64 ~mips"

cdrtools-2.01_alpha37-r1
KEYWORDS="~x86 ~ppc ~sparc ~alpha ~hppa ~amd64 ~ia64 ~ppc64 ~mips"

Comment 10 Sune Kloppenborg Jeppesen (RETIRED) 2004-09-13 23:57:21 UTC

Arches please test and mark stable. Preferably 2.01_alpha37-r1 otherwise 2.01_alpha28-r2.

Comment 11 Alin Năstac (RETIRED) 2004-09-14 00:01:37 UTC

jaervosz, don't forget about cdrecord-prodvd

Comment 12 Alin Năstac (RETIRED) 2004-09-14 00:28:11 UTC

cdrrecord-prodvd does not compile cdrtools by itself.
thanks jaervosz for observing that.
sorry folks, my mistake.

Comment 13 Lars Weiler (RETIRED) 2004-09-14 02:41:32 UTC

Sorry, I was not around the last days.

One sidenote: cdrtools-2.01_alpha37 could have some problems with kernel <2.6.8 and audio-cd-writing.  Furthermore I'm about to add cdrtools-2.01 (the stable version) to the tree.

Comment 14 Sune Kloppenborg Jeppesen (RETIRED) 2004-09-14 05:43:40 UTC

Thx Pylon. Arches please test and mark stable. Preferably 2.01 (just added) otherwise 2.01_alpha37-r1 or 2.01_alpha28-r2.

Comment 15 Gustavo Zacarias (RETIRED) 2004-09-14 08:05:25 UTC

2.01 stable on sparc, tested audio on 2.4 with -v -dao -pad just fine, also iso.

Comment 16 Guy Martin (RETIRED) 2004-09-14 09:16:37 UTC

Stable on hppa.

Comment 17 Jason Huebel (RETIRED) 2004-09-14 10:08:15 UTC

2.01 stable on amd64

Comment 18 Lars Weiler (RETIRED) 2004-09-14 10:58:23 UTC

2.01 stable on x86 and ppc.

Comment 19 Thierry Carrez (RETIRED) 2004-09-14 11:19:52 UTC

GLSA drafted, security please review

Comment 20 Sune Kloppenborg Jeppesen (RETIRED) 2004-09-14 14:29:21 UTC

GLSA 200409-18

alpha,ia64,mips,ppc64 don't forget to mark stable to benifit from GLSA.

Comment 21 Joshua Kinard 2004-09-20 12:30:52 UTC

mips stable.

Comment 22 Tom Gall (RETIRED) 2004-10-09 12:30:00 UTC

thanks, stable on ppc64