Subject: Re: [linux-audio-dev] {draft} setgid problems with GTK for realtime audio (long)
From: Tim Hockin (thockin_AT_hockin.org)
Date: Fri Dec 12 2003 - 16:25:07 EET
On Fri, Dec 12, 2003 at 10:56:17AM -0600, Jack O'Quin wrote:
> If refusing to run with any privileges is their goal, then they have
> failed completely. We do it all the time right now using JACK
> capabilities, which bypasses their checks entirely, or by running as
> root with `sudo' or `su'.
>
> This is the heart of their problem. GTK *cannot tell* when it is
> running at elevated priviledge levels. It does not detect privilege
> levels at all, but merely disallows two of the 17 possible ways of
> gaining privilege. By disallowing the mechanism but not the privilege
> their action becomes counter-productive, forcing people to use cruder
> mechanisms than would otherwise be necessary to acquire the privileges
> they need.
Those might be lightened a bit, but they might go well into your letter.
This archive was generated by hypermail 2b28 : Fri Dec 12 2003 - 20:26:03 EET