[mythtv-users] SUID not working

Doug Larrick doug at ties.org
Fri Nov 4 07:56:55 EST 2005

huffman at graze.net wrote:
> Yeah - that's a workaround.  I already saw that.  But as a long-time UNIX admin,
> I can't see why the standard SUID bit wouldn't work.
> If nothing else turns up, I may try the rlimit / PAM approach.

Because what MythTV is doing is technically not quite right (I can
criticize this code, I wrote it :-) ).  It tries to keep one thread
around which is owned by root.  That presents a security hole because
all somebody has to do is write new code onto that thread's stack (it of
course shares a memory space with the rest of mythfrontend) and bingo,
you've got full root access.  It's a little safer/better than just
running as root directly because (a) permissions of created files and
such will be 'mythtv', and (b) a programming error in mythfrontend won't
have as far-reaching consequences.

Fedora (and other selinux-capable distros, I guess) set things up such
that when one thread drops privs *all* threads drop privs, which is
arguably correct and proper.

The rlimit/PAM approach is the sanctioned way for a normal-user
application to get access to realtime scheduling.  It was the
audio-processing folks who lobbied for this support in the kernel; we
have them to thank.  FYI, The current PAM in Debian unstable (what I
run) already has support for this as of 0.76-8.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://mythtv.org/pipermail/mythtv-users/attachments/20051104/302516ef/signature.pgp

More information about the mythtv-users mailing list