On Mon, 22.09.08 22:07, Les Mikesell (lesmikesell@xxxxxxxxx) wrote: > > Lennart Poettering wrote: >> To suspend audio for inactive sessions and only allow audio for active >> sessions fixes a big security hole. > > But it sucks if you are playing music for the room and someone else wants > to check their email. Yes, I know that some people don't like that behaviour. We had this discussion already. I already put it on my TODO list months ago. We can end this discussion here and now. >> And it's not just we who fixed >> this hole like this. Apple for example does it too. And usually Apple >> is the gold standard of user-friendliness, right? > > No, it sucks just as much when itunes does it. You expect that kind of > stuff from Apple who only has a short history of multi-user machines and > who would really rather sell you an apple tv or ipod with dock that you can > dedicate to driving your speakers, though. Linux has always been multi-user > and doesn't have any such excuses for arbitrarily disconnecting > devices. "arbitrarily"? Oh man. Claiming that things are right because Linux always did it this way is not very convincing. You never noticed that quite a few things in Linux haven't been all that shiny right from day 0? Some things got fixed by now, and this is just another instance. >> Allowing multiple different users audio device access at the same is a >> security nightmare. It has been with ALSA dmix. And it is even more so >> in PA. > > Doesn't the kernel have a mechanism for exclusive locks on devices if > someone wants to have exclusive access? It's not all that difficult to > eavesdrop on music playing loudly anyway... Access to audio devices (both OSS and ALSA) is exclusive by default anyway. >> Far down on my todo list is adding some kind of handover logic between >> multiple PA instances, so that we can add fading of audio when we >> switch sessions. This would also allow us to continue playback from >> inactive sessions if the now active user is OK with that. But this is >> complex, security-sensitive and not a priority. So don't expect any >> quick results. > > What's the right way to set up a media player service that isn't attached > to anyone's session? You can bypass PA if you wish. Or run a specific tailored PA instance for it. It's up to you. Lennart -- Lennart Poettering Red Hat, Inc. lennart [at] poettering [dot] net ICQ# 11060553 http://0pointer.net/lennart/ GnuPG 0x1A015CC4 -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
