[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: how is pulseaudio supposed to work?



Le Mer 19 décembre 2007 16:02, Lennart Poettering a écrit :
> On Wed, 19.12.07 09:18, Simo Sorce (ssorce redhat com) wrote:
>
>> > If you want to open up dmix to multiple users at the same time you
>> > need to change it to 0666 or so, which is a security hole and
>> needs
>> > some non-trivial reconfiguration.
>>
>> Only if you have a mic, common on laptops, uncommon on desktops
>> (just my
>> 2c)
>
> Hmm? What does dmix have to do with microphones?

You raised the security argument. Mere mortals like Simo only see
actual potential security problems with microphones. (running a wide
open dmix is a small security problem but no one here is asking to mix
the active desktop session beeps with the background music started out
of this  session)

Note that:
- being able to cut audio resources from other applications just by
logging in is a DoS in security-speak.
- if you can log in a system there are many more attack vectors than
audio devices (let alone that most of the time people will have also
physical access so they can leave a small recorder next to the
computer)
- pushing many users to hack manually around rigid security rules that
forbid common use-cases has not been known to improve security
overall.

-- 
Nicolas Mailhot


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]