[mythtv] Mythvideo DVD ripping

[f-myth-users at media.mit.edu]

    > Date: Mon, 09 May 2011 17:20:17 -0400
    > From: Raymond Wagner <raymond at wagnerrp.com>

    > One of the devs worked up something similar to this a few years back.  
    > He had a Sony DVD turntable hooked up to his backend, and added some 
    > protocol commands to select the proper disk, and share it using NBD.  
    > The block device was subsequently mounted on the frontend, and played 
    > just as a local optical disk.  The problem is mounting.  Doing so 
    > requires root privileges, or sudo set up with the password requirements 
    > removed.  If we want to use the existing myth:// protocol, we either 
    > need to write a FUSE implementation, or a new kernel module, to support 
    > the device.

I just had to deal with a similar issue, and have a sugggstion for
a workaround.  I'm not claiming it's terrific style, but---

Use ssh to localhost.  Install the relevant key in /root/.ssh/authorized_keys,
with a forced command that validates the input, such as a Perl script
in tainted mode.

The problem with mount is that even a setuid wrapper isn't enough,
because mount goes out of its way to check the real (not effective)
uid/gid, and barfs.

It would be easy enough to havea one-shot installation step that
creates the relevant key and installs it and its forced-command
wrapper in the right place; people who install from packages wouldn't
even need a second root prompt, since those installs are typically
running with root privs anyway because they're writing to /bin or
whatever.

Probably the hardest part is agreeing on what names are valid (e.g.,
which devices and/or mountpoints) for the mount script to use, so that
it doesn't allow anyone on the system to abuse it into doing insecure
things with mount.  This doesn't seem insurmountable.  (*rimshot*! uh,
sorry...)

If you're not actually using the mount command per se, but something
else, adapt as required.  Again, not great style, but might cut this
Gordian knot without requiring someone to sit down and deal with FUSE
or kernel modules.

(This was part of a just-for-me local-machine hack where I wanted to
be able to diddle some filesystem settings [that worked in a setuid
wrapper] and mount/unmount them [that didn't] so I could leave them
effectively read-only almost all of the time.  I didn't want to have
to run the rest of the code as root just for those infrequent actions,
and I didn't want to have to enter each filesystem in /etc/fstab with
appropriate user/users options, nor did I want to allow anyone (even
me) to do just anything with mount by putting it in the suoders file
---my mount script validates which filesystem is being mentioned and
will only fiddle with the ones I've told it are okay.  This protects
me from non-targeted maliciousness, and even more importantly, from
myself.)