Re: how is pulseaudio supposed to work?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Le Mer 19 décembre 2007 16:02, Lennart Poettering a écrit :
> On Wed, 19.12.07 09:18, Simo Sorce (ssorce@xxxxxxxxxx) wrote:
>
>> > If you want to open up dmix to multiple users at the same time you
>> > need to change it to 0666 or so, which is a security hole and
>> needs
>> > some non-trivial reconfiguration.
>>
>> Only if you have a mic, common on laptops, uncommon on desktops
>> (just my
>> 2c)
>
> Hmm? What does dmix have to do with microphones?

You raised the security argument. Mere mortals like Simo only see
actual potential security problems with microphones. (running a wide
open dmix is a small security problem but no one here is asking to mix
the active desktop session beeps with the background music started out
of this  session)

Note that:
- being able to cut audio resources from other applications just by
logging in is a DoS in security-speak.
- if you can log in a system there are many more attack vectors than
audio devices (let alone that most of the time people will have also
physical access so they can leave a small recorder next to the
computer)
- pushing many users to hack manually around rigid security rules that
forbid common use-cases has not been known to improve security
overall.

-- 
Nicolas Mailhot

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux