Re: [LAD] jack daemon scripts

From: <fons@email-addr-hidden>
Date: Mon Mar 08 2010 - 13:22:50 EET

On Mon, Mar 08, 2010 at 03:06:08AM +0100, torbenh wrote:

> second, and more important reason. jack isnt designed to be secure in
> any way. a malicious client can easily make jackd crash. and since its
> possible to write data into the servers addressspace, its pretty likely
> that its possible to make this crash execute code with jackd privilege
> level.

This risk always exists once you allow a user to use Jack,
it doesn't matter if that happen under his own login (as
would be permitted with promiscuous) or using a second
'shared' identity (as is required now if there is more
than one user). The latter is probably even less safe.

And at least here, a computer being hacked is probably
the least of all risks. Any user getting access to the
system can damage it in much more expensive ways.

Allowing access based on group membership would be ideal,
at least for my use.

Ciao,

-- 
FA
O tu, che porte, correndo si ?
E guerra e morte !
_______________________________________________
Linux-audio-dev mailing list
Linux-audio-dev@email-addr-hidden
http://lists.linuxaudio.org/listinfo/linux-audio-dev
Received on Mon Mar 8 16:15:02 2010

This archive was generated by hypermail 2.1.8 : Mon Mar 08 2010 - 16:15:02 EET