[mythtv-users] Running as root

stan stanlist at cox.net
Thu Sep 28 19:31:39 UTC 2006 

 

> -----Original Message-----
> From: mythtv-users-bounces at mythtv.org 
> [mailto:mythtv-users-bounces at mythtv.org] On Behalf Of R. G. Newbury
> Sent: Thursday, September 28, 2006 12:04 PM
> To: Discussion about mythtv
> Subject: Re: [mythtv-users] Running as root
> 
> Robin Hill wrote:
> > On Wed Sep 27, 2006 at 03:02:28PM -0500, Chris Moewes-Bystrom wrote:
> > 
> >> I have my mythbox set up with gdm auto logging in my 
> mythtv user, who then
> >> has a startup script to launch the front end. I was going 
> through the config
> >> screens last night and I saw a setting that mentions 
> something about if the
> >> frontend is running as root and allowing it run at higher 
> privildge (I
> >> assume nice or something). Anyone know why, beyond the 
> obvious security
> >> issues, that running the frontend (on a dedicated system) 
> as root would be a
> >> good or a bad idea??
> 
> Unless someone on this list can provide a workaround, you 
> will find that 
>   you cannot auto login as root... for no discernible reason 
> that I can 
> find, except possibly the obstinate religious fervor of the 
> 'never-run-as-root' crowd.
> 
>               R. Geoffrey Newbury			
> 

I've totally confused myself reading this thread.  (That happens often.)

On Fedora FC5 (configured per Wilson's howto)

1.  Do services (like mythbackend) run as root?
2.  Do other daemons started globally in the runlevel autostart files run as
root?
3.  Do daemons started from mythtv's .kde/Autostart run as mythtv?
4.  Does setting the "sticky bit" (with a chmod +s) allow mythfrontend and
mythbackend to attain root privileges whenever they want?  And, if so, do
these program know when to do this?
5.  Are there any differences in running programs while logged on as root as
opposed to logging on as mythtv and su'ing to root without the - parm?

I set permissions on all of my recordings, videos, music, etc. directories
to 777.  If a hacker wants so listen to my music, enjoy.  In fact, leave me
some tips on playback.

I don't have the information to do it, but it would be nice if someone wrote
a summary of the accounts under which each mythTV program should be running
and what permissions each mythTV directory should have.  Including
mythfrontend, mythbackend, mythrename, and mythtvsetup.

--stan

More information about the mythtv-users mailing list