Tom Hughes wrote:
The problem appears to be that the kernel now implements setuid
properly so that it changes the UID of the process rather than just
the current thread so it isn't possible to have a privileged thread
anymore.

Basically the whole scheme only worked because threads on Linux
are effectively processes at the kernel level and certain system
calls didn't properly take account of that, including setuid.

Good to know. What kernel is this? Matt Zimmerman (rightly) complains about the security of the current implementation, as well.

I have a replacement scheme in mind that creates a realtime-priority thread for playback at startup before dropping privs, and then reuses that thread for all playback. I just need to find the time to work on it.

-Doug


_______________________________________________
mythtv-users mailing list
[email protected]
http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
