* [gentoo-dev] New local use flag for arts: artswrappersuid
From: Dan Armak @ 2003-05-16 22:43 UTC
To: gentoo-dev
Hello everyone,
I'm adding a new local use flag for kde-base/arts: artswrappersuid. It sets
artswrapper suid root, which allows artsd (kde's sound server) to run with
realtime priority and avoid skips and clicks, but it's a security hazard, so
it's off by default.
--
Dan Armak
Gentoo Linux developer (KDE)
Matan, Israel
Public GPG key: http://cvs.gentoo.org/~danarmak/danarmak-gpg-public.key
* Re: [gentoo-dev] New local use flag for arts: artswrappersuid
From: Martin Schlemmer @ 2003-05-16 23:18 UTC
To: Dan Armak; +Cc: Gentoo-Dev
On Sat, 2003-05-17 at 00:43, Dan Armak wrote:
> Hello everyone,
>
> I'm adding a new local use flag for kde-base/arts: artswrappersuid. It sets
> artswrapper suid root, which allows artsd (kde's sound server) to run with
> realtime priority and avoid skips and clicks, but it's a security hazard, so
> it's off by default.
Dan, isn't this something that the admin should set for himself?
I mean, just adding a USE flag for that, even when local, does sound
a bit excessive ....
Cheers,
--
Martin Schlemmer
Gentoo Linux Developer, Desktop/System Team Developer
Cape Town, South Africa
* Re: [gentoo-dev] New local use flag for arts: artswrappersuid
From: Dan Armak @ 2003-05-17 7:48 UTC
To: gentoo-dev
On Saturday 17 May 2003 02:18, Martin Schlemmer wrote:
> On Sat, 2003-05-17 at 00:43, Dan Armak wrote:
> > Hello everyone,
> >
> > I'm adding a new local use flag for kde-base/arts: artswrappersuid. It
> > sets artswrapper suid root, which allows artsd (kde's sound server) to
> > run with realtime priority and avoid skips and clicks, but it's a
> > security hazard, so it's off by default.
>
> Dan, isn't this something that the admin should set for himself?
> I mean, just adding a USE flag for that, even when local, does sound
> a bit excessive ....
Well, isn't whoever emerges KDE (and thus has root perms) the admin of the
box? So now he can do USE=artswrappersuid instead of running chmod +s
manually. The important difference is that you can set the use flag once in
make.conf and forget about it. In my experience, after emerging a new kde I
usually forget to do the chmod manually, start the new kde, get a warning
about no realtime permissions, chmod and restart.
--
Dan Armak
Gentoo Linux developer (KDE)
Matan, Israel
Public GPG key: http://cvs.gentoo.org/~danarmak/danarmak-gpg-public.key
* Re: [gentoo-dev] New local use flag for arts: artswrappersuid
From: Grant Goodyear @ 2003-05-17 13:48 UTC
To: Dan Armak; +Cc: gentoo-dev
> > > I'm adding a new local use flag for kde-base/arts: artswrappersuid. It
> > > sets artswrapper suid root, which allows artsd (kde's sound server) to
> > > run with realtime priority and avoid skips and clicks, but it's a
> > > security hazard, so it's off by default.
If we're going to go the USE flag route, how about a generic "suid"
flag, then, instead of a local USE flag. I know this issue either
can or does occur for more than one package.
--
Grant Goodyear
Dept. of Chemistry
Clemson University
Clemson, SC 29617
(864) 656-7702
e-mail: grant@grantgoodyear.org

The Secrets of Physics:
1. Add zero.
2. Multiply by one.
3. Expand in a Taylor series
4. Integrate by parts.
5. Fourier transform.
--
gentoo-dev@gentoo.org mailing list
* Re: [gentoo-dev] New local use flag for arts: artswrappersuid
From: Martin Schlemmer @ 2003-05-17 16:50 UTC
To: goodyea; +Cc: Dan Armak, Gentoo-Dev
On Sat, 2003-05-17 at 15:48, Grant Goodyear wrote:
> > > > I'm adding a new local use flag for kde-base/arts: artswrappersuid. It
> > > > sets artswrapper suid root, which allows artsd (kde's sound server) to
> > > > run with realtime priority and avoid skips and clicks, but it's a
> > > > security hazard, so it's off by default.
>
> If we're going to go the USE flag route, how about a generic "suid"
> flag, then, instead of a local USE flag. I know this issue either
> can or does occur for more than one package.
Does make sense, as adding support for one package will bring requests
for the others we do not suid by default.
--
Martin Schlemmer
Gentoo Linux Developer, Desktop/System Team Developer
Cape Town, South Africa
* Re: [gentoo-dev] New local use flag for arts: artswrappersuid
From: Dan Armak @ 2003-05-17 18:49 UTC
To: gentoo-dev
On Saturday 17 May 2003 19:50, Martin Schlemmer wrote:
> On Sat, 2003-05-17 at 15:48, Grant Goodyear wrote:
> > > > > I'm adding a new local use flag for kde-base/arts: artswrappersuid.
> > > > > It sets artswrapper suid root, which allows artsd (kde's sound
> > > > > server) to run with realtime priority and avoid skips and clicks,
> > > > > but it's a security hazard, so it's off by default.
> >
> > If we're going to go the USE flag route, how about a generic "suid"
> > flag, then, instead of a local USE flag. I know this issue either
> > can or does occur for more than one package.
>
> Does make sense, as adding support for one package will bring requests
> for the others we do not suid by default.
Well, security isn't my home turf, so since everyone thinks a global flag is
OK, I won't object :-) (Spider already replied to me privately suggesting the
same thing, but then seemed to change his mind, or maybe I just misunderstood
him. Anyhow, what do other people think, in particular our security people?)
Just that as I said to him, it would have to be on by default and
defined as: "Turn off this flag to enable highly insecure default
configurations for the sake of performance - for fully trusted environments
only". That could even be a global "security" flag, not just "suid". But it's
ok with me either way. Opinions?
--
Dan Armak
Gentoo Linux developer (KDE)
Matan, Israel
Public GPG key: http://cvs.gentoo.org/~danarmak/danarmak-gpg-public.key
* Re: [gentoo-dev] New local use flag for arts: artswrappersuid
From: torbenh @ 2003-05-17 19:47 UTC
To: gentoo-dev
On Sat, May 17, 2003 at 09:49:32PM +0300, Dan Armak wrote:
> Well, security isn't my home turf, so since everyone thinks a global flag is
> OK, I won't object :-) (Spider already replied to me privately suggesting the
> same thing, but then seemed to change his mind, or maybe I just misunderstood
> him. Anyhow, what do other people think, in particular our security people?)
>
> Just that as I said to him, it would have to be on by default and
> defined as: "Turn off this flag to enable highly insecure default
> configurations for the sake of performance - for fully trusted environments
> only". That could even be a global "security" flag, not just "suid". But it's
> ok with me either way. Opinions?
I don't like the idea of a global suid flag.
An alternative would be to implement this feature with sudo and have a
sudo-update script which creates an autogenerated script in a
path which is scanned prior to /usr/bin...
I am not sure how this script will be unmerged, but it could be OK if
sudo-update added the script to /var/db/pkg/*/*/CONTENTS....
This seems a little safer to me... but much more hassle of course.
--
torben Hohn
http://galan.sourceforge.net -- The graphical Audio language
* Re: [gentoo-dev] New local use flag for arts: artswrappersuid
From: Václav Hůla @ 2003-05-20 9:27 UTC
To: gentoo-dev
On Saturday 17 of May 2003 15:48, Grant Goodyear wrote:
> > > > I'm adding a new local use flag for kde-base/arts: artswrappersuid.
> > > > It sets artswrapper suid root, which allows artsd (kde's sound
> > > > server) to run with realtime priority and avoid skips and clicks, but
> > > > it's a security hazard, so it's off by default.
>
> If we're going to go the USE flag route, how about a generic "suid"
> flag, then, instead of a local USE flag. I know this issue either
> can or does occur for more than one package.
I think that a generic 'suid' flag is a very bad thing (security-wise), as it can
bring suid programs into the system without the admin's knowledge.
Ax
--
With regards
Vaclav Hula vaclav.hula@capitol.cz
Capitol Internet Publisher, Korunovacni 6, 170 00 Prague 7, Czech Republic
tel.: ++420 2 3337 1113, fax: ++420 2 3337 1112
--
gentoo-dev@gentoo.org mailing list
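
The concern raised in the last message (setuid programs arriving without the admin's knowledge), checked from the admin's side: an added example, not part of the thread or of Portage, that lists setuid files under a tree and reports those absent from a reviewed baseline. The function names, the one-path-per-line baseline format and the scratch tree built in `demo` are assumptions.

```shell
#!/bin/sh
# Added example: flag setuid files that are not in a reviewed baseline.
# Function names and the baseline format (one absolute path per line) are assumptions.

# list_suid DIR: print every regular file under DIR that has the setuid bit, sorted.
list_suid() {
    find "$1" -xdev -type f -perm -4000 2>/dev/null | LC_ALL=C sort
}

# new_suid DIR BASELINE: print setuid files under DIR that BASELINE does not list.
# Returns 0 if there are none, 1 if any were printed, 2 on setup failure.
new_suid() {
    current=$(mktemp) || return 2
    known=$(mktemp) || { rm -f "$current"; return 2; }
    list_suid "$1" > "$current"
    LC_ALL=C sort -u "$2" > "$known"
    unexpected=$(LC_ALL=C comm -23 "$current" "$known")
    rm -f "$current" "$known"
    [ -z "$unexpected" ] && return 0
    printf '%s\n' "$unexpected"
    return 1
}

# demo: constructed scratch tree in which one binary has been made setuid
demo() {
    root=$(mktemp -d) || return 2
    mkdir -p "$root/usr/bin"
    : > "$root/usr/bin/artsd"
    : > "$root/usr/bin/artswrapper"
    chmod 0755 "$root/usr/bin/artsd"
    chmod 4755 "$root/usr/bin/artswrapper"
    : > "$root/baseline"                      # nothing reviewed yet
    new_suid "$root/usr" "$root/baseline" | sed "s|^$root||"
    rm -rf "$root"
}
```

Run against a real system as `new_suid / /etc/suid.baseline` after each package merge; `/etc/suid.baseline` is a hypothetical path holding the files the admin has already reviewed.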