Hi, On 2025-10-12 at 06:41 -0400, Dave Mielke <[email protected]> wrote: > [quoted lines by Aura Kelloniemi on 2025/10/01 at 11:13 +0300]
> >Would this work? > > > >1) Start BRLTTY as root. > >2) unshare. Detach from the common mounts namespace. > >3) Mount private tmpfs. Only BRLTTY process has access to this file system. > >4) Create necessary device nodes in this private file system. Not all device > >nodes need to be created, only those for which cannot be accessed from /dev > >directly. > >5) Switch user to brltty and drop all privileges. > >6) Once BRLTTY exits or is killed, the mount namespace becomes empty and the > >tmpfs is cleaned up. > Please test the latest development code to see if this is working as you > expect. I have been running this code now for a few days and everything works well — BRLTTY is again running as an unprivileged user. Thank you very much and apologies for the delay in reporting! -- AUra _______________________________________________ This message was sent via the BRLTTY mailing list. To post a message, send an e-mail to: [email protected] For general information, go to: http://brltty.app/mailman/listinfo/brltty
