Linus is right, as usual.
Well... what do you do if you can't figure out how to burn CDs as an ordinary user? I, for one, do it as root. Or install cdrecord suid root. My guess is that most people would do it that way. Just bypass the SCSI command filter. You know that it's bad, but being unable to burn is even worse. That's the kind of thing people do if overly repressive security measures get in their way.
If you have a large server with lots of users you can't trust, it'd be a good idea to disable write access to the CD drive for ordinary users altogether.
Or restrict writing to those users you can trust. Or use a security framework such as SELinux to allow only some trusted applications (such as cdrecord) to write to the device.
I really see no need for a kernel-based filter. If CD burning is really the only real-world application in which non-privileged users need to send special SCSI commands, as joey's comment suggests, moving the cdrecord functionality into a kernel driver seems more appropriate than filtering arbitrary commands.
Copyright © 2017, Eklektix, Inc.