public inbox for gentoo-dev@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-dev] New local use flag for arts: artswrappersuid
@ 2003-05-16 22:43 Dan Armak
  2003-05-16 23:18 ` Martin Schlemmer
  0 siblings, 1 reply; 8+ messages in thread
From: Dan Armak @ 2003-05-16 22:43 UTC (permalink / raw
  To: gentoo-dev

[-- Attachment #1: signed data --]
[-- Type: text/plain, Size: 411 bytes --]

Hello everyone,

I'm adding a new local use flag for kde-base/arts: artswrappersuid. It sets 
artswrapper suid root, which allows artsd (kde's sound server) to run with 
realtime priority and avoid skips and clicks, but it's a security hazard, so 
it's off by default.

-- 
Dan Armak
Gentoo Linux developer (KDE)
Matan, Israel
Public GPG key: http://cvs.gentoo.org/~danarmak/danarmak-gpg-public.key

[-- Attachment #2: signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [gentoo-dev] New local use flag for arts: artswrappersuid
  2003-05-16 22:43 [gentoo-dev] New local use flag for arts: artswrappersuid Dan Armak
@ 2003-05-16 23:18 ` Martin Schlemmer
  2003-05-17  7:48   ` Dan Armak
  0 siblings, 1 reply; 8+ messages in thread
From: Martin Schlemmer @ 2003-05-16 23:18 UTC (permalink / raw
  To: Dan Armak; +Cc: Gentoo-Dev

[-- Attachment #1: Type: text/plain, Size: 616 bytes --]

On Sat, 2003-05-17 at 00:43, Dan Armak wrote:
> Hello everyone,
> 
> I'm adding a new local use flag for kde-base/arts: artswrappersuid. It sets 
> artswrapper suid root, which allows artsd (kde's sound server) to run with 
> realtime priority and avoid skips and clicks, but it's a security hazard, so 
> it's off by default.

Dan, isn't this something that the admin should set for himself ?
I mean, just adding a USE flag for that, even when local do sound
a bit excessive ....


Cheers,

-- 

Martin Schlemmer
Gentoo Linux Developer, Desktop/System Team Developer
Cape Town, South Africa



[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [gentoo-dev] New local use flag for arts: artswrappersuid
  2003-05-16 23:18 ` Martin Schlemmer
@ 2003-05-17  7:48   ` Dan Armak
  2003-05-17 13:48     ` Grant Goodyear
  0 siblings, 1 reply; 8+ messages in thread
From: Dan Armak @ 2003-05-17  7:48 UTC (permalink / raw
  To: gentoo-dev

[-- Attachment #1: signed data --]
[-- Type: text/plain, Size: 1135 bytes --]

On Saturday 17 May 2003 02:18, Martin Schlemmer wrote:
> On Sat, 2003-05-17 at 00:43, Dan Armak wrote:
> > Hello everyone,
> >
> > I'm adding a new local use flag for kde-base/arts: artswrappersuid. It
> > sets artswrapper suid root, which allows artsd (kde's sound server) to
> > run with realtime priority and avoid skips and clicks, but it's a
> > security hazard, so it's off by default.
>
> Dan, isn't this something that the admin should set for himself ?
> I mean, just adding a USE flag for that, even when local do sound
> a bit excessive ....

Well, isn't whoever emerges KDE (and thus has root perms) the admin of the 
box? So now he can do USE=artswrappersuid instead of running chmod +s 
manually. The important difference is that you can set the use flag once in 
make.conf and forget about it. In my experience, after emerging a new kde I 
usually forget to do the chmod manually, start the new kde, get a warning 
about no realtime permissions, chmod and restart.

-- 
Dan Armak
Gentoo Linux developer (KDE)
Matan, Israel
Public GPG key: http://cvs.gentoo.org/~danarmak/danarmak-gpg-public.key

[-- Attachment #2: signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [gentoo-dev] New local use flag for arts: artswrappersuid
  2003-05-17  7:48   ` Dan Armak
@ 2003-05-17 13:48     ` Grant Goodyear
  2003-05-17 16:50       ` Martin Schlemmer
  2003-05-20  9:27       ` Václav Hůla
  0 siblings, 2 replies; 8+ messages in thread
From: Grant Goodyear @ 2003-05-17 13:48 UTC (permalink / raw
  To: Dan Armak; +Cc: gentoo-dev

> > > I'm adding a new local use flag for kde-base/arts: artswrappersuid. It
> > > sets artswrapper suid root, which allows artsd (kde's sound server) to
> > > run with realtime priority and avoid skips and clicks, but it's a
> > > security hazard, so it's off by default.

If we're going to go the USE flag route, how about a generic "suid" 
flag, then, instead of a local USE flag.  I know this issue either
can or does occur for more than one package.

-- 
Grant Goodyear				The Secrets of Physics:
Dept. of Chemistry			1. Add zero.
Clemson University			2. Multiply by one.
Clemson, SC  29617			3. Expand in a Taylor series
(864) 656-7702				4. Integrate by parts.
e-mail: grant@grantgoodyear.org		5. Fourier transform.

--
gentoo-dev@gentoo.org mailing list


^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [gentoo-dev] New local use flag for arts: artswrappersuid
  2003-05-17 13:48     ` Grant Goodyear
@ 2003-05-17 16:50       ` Martin Schlemmer
  2003-05-17 18:49         ` Dan Armak
  2003-05-20  9:27       ` Václav Hůla
  1 sibling, 1 reply; 8+ messages in thread
From: Martin Schlemmer @ 2003-05-17 16:50 UTC (permalink / raw
  To: goodyea; +Cc: Dan Armak, Gentoo-Dev

[-- Attachment #1: Type: text/plain, Size: 760 bytes --]

On Sat, 2003-05-17 at 15:48, Grant Goodyear wrote:
> > > > I'm adding a new local use flag for kde-base/arts: artswrappersuid. It
> > > > sets artswrapper suid root, which allows artsd (kde's sound server) to
> > > > run with realtime priority and avoid skips and clicks, but it's a
> > > > security hazard, so it's off by default.
> 
> If we're going to go the USE flag route, how about a generic "suid" 
> flag, then, instead of a local USE flag.  I know this issue either
> can or does occur for more than one package.

Does make sense, as adding support for one package will bring request
for the others we do not suid by default.


-- 

Martin Schlemmer
Gentoo Linux Developer, Desktop/System Team Developer
Cape Town, South Africa



[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [gentoo-dev] New local use flag for arts: artswrappersuid
  2003-05-17 16:50       ` Martin Schlemmer
@ 2003-05-17 18:49         ` Dan Armak
  2003-05-17 19:47           ` torbenh
  0 siblings, 1 reply; 8+ messages in thread
From: Dan Armak @ 2003-05-17 18:49 UTC (permalink / raw
  To: gentoo-dev

[-- Attachment #1: signed data --]
[-- Type: text/plain, Size: 1510 bytes --]

On Saturday 17 May 2003 19:50, Martin Schlemmer wrote:
> On Sat, 2003-05-17 at 15:48, Grant Goodyear wrote:
> > > > > I'm adding a new local use flag for kde-base/arts: artswrappersuid.
> > > > > It sets artswrapper suid root, which allows artsd (kde's sound
> > > > > server) to run with realtime priority and avoid skips and clicks,
> > > > > but it's a security hazard, so it's off by default.
> >
> > If we're going to go the USE flag route, how about a generic "suid"
> > flag, then, instead of a local USE flag.  I know this issue either
> > can or does occur for more than one package.
>
> Does make sense, as adding support for one package will bring request
> for the others we do not suid by default.

Well, security isn't my home turf, so since everyone thinks a global flag is 
OK, I won't object :-) (Spider already replied to me privately suggesting the 
same thing, but then seemed to change his mind, or maybe I just misunderstood 
him. Anyhow, what do other people think, in particular our security people?.)

Just that as I said to him, it would have to be on by default and 
defined as: "Turn off this flag to enable highly insecure default 
configurations for the sake of performance - for fully trusted environments 
only". That could even be a global "security" flag, not just "suid". But it's 
ok with me either way. Opinions?

-- 
Dan Armak
Gentoo Linux developer (KDE)
Matan, Israel
Public GPG key: http://cvs.gentoo.org/~danarmak/danarmak-gpg-public.key

[-- Attachment #2: signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [gentoo-dev] New local use flag for arts: artswrappersuid
  2003-05-17 18:49         ` Dan Armak
@ 2003-05-17 19:47           ` torbenh
  0 siblings, 0 replies; 8+ messages in thread
From: torbenh @ 2003-05-17 19:47 UTC (permalink / raw
  To: gentoo-dev

[-- Attachment #1: Type: text/plain, Size: 1279 bytes --]

On Sat, May 17, 2003 at 09:49:32PM +0300, Dan Armak wrote:
Content-Description: signed data
> Well, security isn't my home turf, so since everyone thinks a global flag is 
> OK, I won't object :-) (Spider already replied to me privately suggesting the 
> same thing, but then seemed to change his mind, or maybe I just misunderstood 
> him. Anyhow, what do other people think, in particular our security people?.)
> 
> Just that as I said to him, it would have to be on by default and 
> defined as: "Turn off this flag to enable highly insecure default 
> configurations for the sake of performance - for fully trusted environments 
> only". That could even be a global "security" flag, not just "suid". But it's 
> ok with me either way. Opinions?

i dont like the idea of a global suid flag.

an alternative would be to implement this feature with sudo and have a
sudo-update script which creates an autogenerated script in a
path which is scanned prior to /usr/bin...

i am not sure how this script will be unmerged, but it could be ok if
sudo-update added the script to /var/db/pkg/*/*/CONTENTS....

This seems a little safer to me... but much more hassle of course.


-- 
torben Hohn
http://galan.sourceforge.net -- The graphical Audio language

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [gentoo-dev] New local use flag for arts: artswrappersuid
  2003-05-17 13:48     ` Grant Goodyear
  2003-05-17 16:50       ` Martin Schlemmer
@ 2003-05-20  9:27       ` Václav Hůla
  1 sibling, 0 replies; 8+ messages in thread
From: Václav Hůla @ 2003-05-20  9:27 UTC (permalink / raw
  To: gentoo-dev

On Saturday 17 of May 2003 15:48, Grant Goodyear wrote:
> > > > I'm adding a new local use flag for kde-base/arts: artswrappersuid.
> > > > It sets artswrapper suid root, which allows artsd (kde's sound
> > > > server) to run with realtime priority and avoid skips and clicks, but
> > > > it's a security hazard, so it's off by default.
>
> If we're going to go the USE flag route, how about a generic "suid"
> flag, then, instead of a local USE flag.  I know this issue either
> can or does occur for more than one package.

I think that generic 'suid' flag is very bad thing (security wise), as it can 
bring suid programs into system without admins knowledge. 

Ax
-- 
S pozdravem
Vaclav Hula	                                 vaclav.hula@capitol.cz
Capitol Internet Publisher, Korunovacni 6, 170 00 Prague 7, Czech Republic
tel.: ++420 2 3337 1113, fax:  ++420 2 3337 1112



--
gentoo-dev@gentoo.org mailing list


^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, other threads:[~2003-05-20  9:27 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-05-16 22:43 [gentoo-dev] New local use flag for arts: artswrappersuid Dan Armak
2003-05-16 23:18 ` Martin Schlemmer
2003-05-17  7:48   ` Dan Armak
2003-05-17 13:48     ` Grant Goodyear
2003-05-17 16:50       ` Martin Schlemmer
2003-05-17 18:49         ` Dan Armak
2003-05-17 19:47           ` torbenh
2003-05-20  9:27       ` Václav Hůla

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox