Hi, I'll make thread as [SOLVED], as I think I've solved it myself and so that it can be used for future reference.

As the title says, I wanted to burn a CD as non root with Burnbox, as the box has to be used in public and I want the less possible use of su or sudo.

I know the bug report here: http://doc.slitaz.org/en:guides:bugs and, just to be sure, I've trying adding my user (not Tux, one I've created when I've installed Slitaz on HDD) to the cdrom group, and that's true, it doesn't help...

But then, I've had a look in the burnbox script ("more usr/bin/burnbox") and checked what makes the part " Check read write permission for device".

So I checked the permissions of my CDRW:

~$ ls -l /dev/cdrom
lrwxrwxrwx 1 root root 8 Oct 30 18:42 /dev/cdrom -> /dev/hdc

It shows that "/dev/cdrom" is a symbolic link (with any possible permissions already given) to my real CDRW, which, in my case, is "/dev/hdc"

So I checked the permissions of "/dev/hdc":

~$ ls -l /dev/hdc
brw-rw---- 1 root disk 22, Nov 3 11:46 /dev/hdc

and, noticed that: the user has r(ead) w(rite), the group has r(ead) w(rite) and the others not (and the 3 has no e-x-ecute).

So, I've tried a:

~# chmod 666 /dev/hdc

which gives now:

~$ ls -l /dev/hdc
brw-rw-rw- 1 root disk 22, Nov 3 11:46 /dev/hdc

and IT WORKS!!!!!!!!!!!!!!!!!!!!

Now, if I open Burnbox and click on the "Check Permissions for Device" button, it tells my now that I've "read/write permission for /dev/cdrom" and that I "can proceed to burn". And I've just successfully burned my first CD as non root! Yep!!!

So, can:

- somebody confirm it?

- any security expert confirm that it's not a really bad thing to give r/w permissions to the other on the target of the link /dev/cdrom? And if, why?

- if both things before are OK, edit the bugs page of the wiki?