[linux-audio-dev] Re: [linux-audio-user] jack and setuid

From: Paul Davis <paul@email-addr-hidden>
Date: Wed Nov 02 2005 - 15:02:24 EET

> bash-3.00# chmod ugo+s /usr/local/bin/jackd
> bash-3.00# exit
> bash-3.00$ ls -la /usr/local/bin/jackd
> -rwsr-sr-x 1 root root 206476 2005-11-01 15:23 /usr/local/bin/jackd

this is a really, really, really bad thing to do. there is no reason to
run jackd as root or set it up as setuid root. you should be using some
kernel-based technique that allows you to get realtime priviledges
without being root (capabilities on 2.4 kernels, realtime-lsm for 2.6.12
or lower, or the new rtlimits code for 2.6.13 or above). if you cannot
do that, then just run without realtime or explicitly run all JACK apps
as root. do NOT install random, non-security related applications as
setuid root.

--p
Received on Wed Nov 2 16:15:08 2005

This archive was generated by hypermail 2.1.8 : Wed Nov 02 2005 - 16:15:08 EET