On Mon, Apr 9, 2018, 21:35 Simon McVittie <s...@collabora.com> wrote:
> On Mon, 09 Apr 2018 at 17:27:10 +0000, john terragon wrote: > > created by the logind service.I want to make the socket of the pulseaudio > > server of one particular user available to all the others. > > This is basically PulseAudio system-wide mode: > > https://www.freedesktop.org/wiki/Software/PulseAudio/Documentation/User/SystemWide/ > > https://www.freedesktop.org/wiki/Software/PulseAudio/Documentation/User/WhatIsWrongWithSystemWide/ > > ... except worse, because instead of potentially being able to escalate > privileges to a dedicated system uid that runs the PulseAudio system > server, you can potentially escalate privileges to the account of > another user. > > I would suggest using the system-wide mode instead: it's a bad idea > for all the reasons listed in the link above, but seems less bad than > reinventing it via a user's account. > Except for the shared memory part, which I seem to remember has finally been solved using memfd sealing? > -- Mantas Mikulėnas <graw...@gmail.com> Sent from my phone
_______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
