[mythtv-users] Re: Suid root, but mythtv complains that it isn't.
Tom Hughes
tom at compton.nu
Sun Jan 9 10:20:08 EST 2005
In message <41E13BCA.6020606 at ties.org>
Doug Larrick <doug at ties.org> wrote:
> Tom Hughes wrote:
> > The problem appears to be that the kernel now implements setuid
> > properly so that it changes the UID of the process rather than just
> > the current thread so it isn't possible to have a privileged thread
> > anymore.
> >
> > Basically the whole scheme only worked because threads on linux
> > are effectively processes at the kernel level and certain system
> > calls didn't properly take account of that, including setuid.
>
> Good to know. What kernel is this? Matt Zimmerman (rightly) complains
> about the security of the current implementation, as well.

It's the standard FC3 one, the 1.681 build of 2.6.9 at the moment.
I have a test program that checks the setuid behaviour and on
a RedHat 9 box only the thread that calls setuid changes but
on an FC3 box both threads change. I haven't tried it on anything
else yet.

> I have a replacement scheme in mind that creates a realtime-priority
> thread for playback at startup before dropping privs, and then reuses
> that thread for all playback. I just need to find the time to work on it.

That would be the obvious alternative.

Tom
--
Tom Hughes (tom at compton.nu)
http://www.compton.nu/
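
A test of the kind described in the message, as an added example (it is not Tom's test program and not MythTV code): one thread calls setuid() while a second thread reports its own effective uid afterwards. The function name `probe_setuid_scope` and the target uid 65534 are assumptions made for this sketch.

```c
/* Added example: does setuid() in one thread change another thread's euid? */
#include <pthread.h>
#include <semaphore.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define TARGET_UID 65534       /* assumption: conventional "nobody" uid */

static sem_t dropped;          /* posted after the first thread calls setuid */
static uid_t observer_euid;    /* euid as seen by the second thread */

static void *observer(void *arg) {
    (void)arg;
    sem_wait(&dropped);        /* wait until the privilege drop has happened */
    observer_euid = geteuid();
    return NULL;
}

/* Runs the probe in a forked child so the caller keeps its own credentials.
 * Returns  1: the other thread changed too (drop is process-wide),
 *          0: only the calling thread changed (a privileged thread survives),
 *         -1: nothing tested (not root, or a call failed). */
int probe_setuid_scope(void) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        pthread_t t;
        if (geteuid() != 0) _exit(2);              /* no privilege to give up */
        if (sem_init(&dropped, 0, 0) != 0) _exit(2);
        if (pthread_create(&t, NULL, observer, NULL) != 0) _exit(2);
        if (setuid((uid_t)TARGET_UID) != 0) _exit(2);
        sem_post(&dropped);
        pthread_join(t, NULL);
        _exit(observer_euid == (uid_t)TARGET_UID ? 1 : 0);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status) == 2 ? -1 : WEXITSTATUS(status);
}

int main(void) {
    int r = probe_setuid_scope();
    puts(r == 1 ? "process-wide: every thread lost root"
       : r == 0 ? "per-thread: another thread still has root"
                : "not tested: run as root");
    return 0;
}
```

Run it as root; a result of 0 is the behaviour the old suid scheme relied on, and 1 means no thread keeps root after the drop.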