Lennart Poettering wrote:
To suspend audio for inactive sessions and only allow audio for active
sessions fixes a big security hole.
But it sucks if you are playing music for the room and someone else
wants to check their email.
And it's not just we who fixed
this hole like this. Apple for example does it too. And usually Apple
is the gold standard of user-friendliness, right?
No, it sucks just as much when itunes does it. You expect that kind of
stuff from Apple who only has a short history of multi-user machines and
who would really rather sell you an apple tv or ipod with dock that you
can dedicate to driving your speakers, though. Linux has always been
multi-user and doesn't have any such excuses for arbitrarily
disconnecting devices.
Allowing multiple different users audio device access at the same is a
security nightmare. It has been with ALSA dmix. And it is even more so
in PA.
Doesn't the kernel have a mechanism for exclusive locks on devices if
someone wants to have exclusive access? It's not all that difficult to
eavesdrop on music playing loudly anyway...
Far down on my todo list is adding some kind of handover logic between
multiple PA instances, so that we can add fading of audio when we
switch sessions. This would also allow us to continue playback from
inactive sessions if the now active user is OK with that. But this is
complex, security-sensitive and not a priority. So don't expect any
quick results.
What's the right way to set up a media player service that isn't
attached to anyone's session?
--
Les Mikesell
lesmikesell@xxxxxxxxx
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
