On 12-07-05 at 08:36pm, wbrana wrote: > > - - why are you setting setuid permissions in the postinst script? > > this is a security hazard (and if you do it to gain realtime > > priviliges, then it is no-longer needed and deprecated for a while, in > > favour of pam_limits) > According to http://linux.die.net/man/5/limits.conf > it is possible to enable low niceness for all processes started by > all/some user(s), > but it isn't possible to limit it to mplayer_nice if started by any user
That doesn't change that it is a security hazard! Don't run user apps as root! Don't implement super-user features in user apps - implement it separately, and make it optional to use it. Here are some ways to handle realtime priviledges: ulatencyd linux-image-rt-* + rtirq-init rtkit libpam-cgroup libpam-cap jackd2 + /etc/security/limits.d/audio.conf - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: Digital signature
_______________________________________________ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers
