[mythtv-users] SUID not working
Doug Larrick
doug at ties.org
Fri Nov 4 07:56:55 EST 2005
huffman at graze.net wrote:
> Yeah - that's a workaround. I already saw that. But as a long-time UNIX admin,
> I can't see why the standard SUID bit wouldn't work.
>
> If nothing else turns up, I may try the rlimit / PAM approach.
Because what MythTV is doing is technically not quite right (I can
criticize this code, I wrote it :-) ). It tries to keep one thread
around which is owned by root. That presents a security hole because
all somebody has to do is write new code onto that thread's stack (it of
course shares a memory space with the rest of mythfrontend) and bingo,
you've got full root access. It's a little safer/better than just
running as root directly because (a) permissions of created files and
such will be 'mythtv', and (b) a programming error in mythfrontend won't
have as far-reaching consequences.
Fedora (and other selinux-capable distros, I guess) set things up such
that when one thread drops privs *all* threads drop privs, which is
arguably correct and proper.
The rlimit/PAM approach is the sanctioned way for a normal-user
application to get access to realtime scheduling. It was the
audio-processing folks who lobbied for this support in the kernel; we
have them to thank. FYI, The current PAM in Debian unstable (what I
run) already has support for this as of 0.76-8.
-Doug
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://mythtv.org/pipermail/mythtv-users/attachments/20051104/302516ef/signature.pgp
More information about the mythtv-users
mailing list