artswrapper's new braces (Re: artswrapper defanged)

Kevin Puetz puetzk at
Thu Aug 8 04:49:08 BST 2002

Phalanx also pointed out that I only got the current thread. I think artsd 
loads all modules (and thus checks the taints) at startup, before any 
threads other than the main one exist, but I'll have to verify that and/or 
make it iterate the current threads and change them all.

Neil Stevens wrote:
> Hash: SHA1
> On Wednesday August 07, 2002 08:28, Kevin Puetz wrote:
>> arts will drop RT permissions entirely if an untrusted module is loaded,
>> *before* executing *any* code from this module.
> Can you ifdef this with a configure option?  It could be useful for, say,
> developers who are writing a playobject, to have the option to have some
> things owned as his own user.

OK... You could also chown the .la file, and not the .so file (thus giving 
the module explicit blessing as I discussed when claiming this wasn't a 
bug). But I can see a configure option. Any great ideas on what to call 
it's that's clear (other than --DoS-me-harder)? Or maybe even an env var 
(could be set by artswrapper --rt-all or some such) so you don't have to 

>> One remaining issue is whether or not we should attempt to inform the
>> user when priority is dropped that this has occurred, and how to do so
>> (artsmessage? just something on stderr?). Any thoughts on this subject
>> are welcome.
> Well, yes, please do.  It's a pretty important event, especially if you
> don't retake realtime afterward.  And artsmessage would be the thing to
> use, same as with any other arts message.

That was my opinion also. It's really not possible to retake realtime 
afterwards (other than restarting the arts server) because as long as we're 
assuming the module might have been malicious, it had full access to all 
our memory and we don't know what it did that might surface later. Once 
compromised, always compromised.

> I'm reminded of when the artsd restart code was restarting artsd without
> realtime.. very annoying.

Heh, I bugged Njaard about that too. not sure why it's still not using 
kcminit, but at least it gets realtime right now.
> - --
> Neil Stevens - neil at
> "I always cheer up immensely if an attack is particularly wounding
> because I think, well, if they attack one personally, it means they
> have not a single political argument left." - Margaret Thatcher
> Version: GnuPG v1.0.6 (GNU/Linux)
> Comment: For info see
> iD8DBQE9Ueg6f7mnligQOmERArJ3AJ4qe7x20UlkvpD1Fnx+AUuVjoEzRQCePSa2
> Bp10QHj5/E7mAxkIaEzUIi4=
> =WstA

More information about the kde-core-devel mailing list