Subject: Re: [linux-audio-dev] Linux Security Module for realtime audio
From: Fernando Pablo Lopez-Lezcano (nando_AT_ccrma.stanford.edu)
Date: Tue Dec 09 2003 - 02:51:33 EET
> > > So, I modified Torben's LSM to check supplementary groups, and this
> > > seems to work fine. From a system admin perspective it's pretty good.
> > > I'm a member of group `audio', which was accomplished by adding my
> > > user ID (joq) to the appropriate entry in /etc/group...
> > >
> > > [...]
> >
> > well this is an alternative but i would be happier to explicitely give
> > away the DOS privilege to programs. rather than enabling it for my
> > account.
>
> I completely agree that my supplementary groups idea is less secure
> than the setgid approach.
The "sgid approach" is in addition to having a realtime group or
instead? I have the feeling I have missed something in the thread.
I would prefer to have the option of:
a) no protection: I turn on "realtime" (/proc control and/or loading the
realtime module, right?) and any user can run any program and crash
the system by hogging the cpu in a tight loop :-)
b) a group of users: only users in a designated group can crash the
system.
c) a group of programs: only writers of realtime "approved" programs get
a chance (through the help of any user or users in a group) to crash
the system.
Most probably in my environment I would use a), maybe b), most probably
not c).
-- Fernando
This archive was generated by hypermail 2b28 : Tue Dec 09 2003 - 02:52:12 EET