[EMAIL PROTECTED] wrote: > Yeah - that's a workaround. I already saw that. But as a long-time UNIX > admin, > I can't see why the standard SUID bit wouldn't work. > > If nothing else turns up, I may try the rlimit / PAM approach.
Because what MythTV is doing is technically not quite right (I can criticize this code, I wrote it :-) ). It tries to keep one thread around which is owned by root. That presents a security hole because all somebody has to do is write new code onto that thread's stack (it of course shares a memory space with the rest of mythfrontend) and bingo, you've got full root access. It's a little safer/better than just running as root directly because (a) permissions of created files and such will be 'mythtv', and (b) a programming error in mythfrontend won't have as far-reaching consequences. Fedora (and other selinux-capable distros, I guess) set things up such that when one thread drops privs *all* threads drop privs, which is arguably correct and proper. The rlimit/PAM approach is the sanctioned way for a normal-user application to get access to realtime scheduling. It was the audio-processing folks who lobbied for this support in the kernel; we have them to thank. FYI, The current PAM in Debian unstable (what I run) already has support for this as of 0.76-8. -Doug
signature.asc
Description: OpenPGP digital signature
_______________________________________________ mythtv-users mailing list [email protected] http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
