[mythtv] 0.16's up on the website.
Doug Larrick
dougl at charter.net
Mon Sep 13 07:40:34 EDT 2004
Matt Zimmerman wrote:
> On Sun, Sep 12, 2004 at 07:35:48PM -0400, Doug Larrick wrote:
>
>
>>Maybe this was on the list already and I missed it... but as the guy who
>>wrote the code that runs as root... what security issues are you talking
>>about?
>
> [snip]
> The right way to do it would be to use POSIX capabilities: when the process
> starts, acquire the capability CAP_SYS_NICE, then relinquish root privileges
> (retaining the ability to use setpriority() when needed).
I can work on this. Shouldn't be too hard. Isaac, if you're reading,
can I use libcap for this (I know you've discouraged additional external
dependencies in the past)? Better to use libcap1 or libcap2? (looks
like more stuff in Debian uses the former.)
-Doug
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://mythtv.org/pipermail/mythtv-dev/attachments/20040913/ab18bf16/signature.pgp
More information about the mythtv-dev
mailing list