artswrapper defanged

Neil Stevens neil at qualityassistant.com
Tue Jul 16 15:06:56 BST 2002 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tuesday July 16, 2002 02:39, Rik Hemsley wrote:
> Security should be enabled by default, not disabled.

But you didn't just change defaults, you destructively removed 
features without giving an option to turn them back on!  With the job only 
half-done, leaving features removed in this state, your changes are just 
going to get reverted unless you finish the job.

> How many people need artsd to provide them with 'realtime' sound ?
> It looks like it's only Brahms users.

I do.  And who are you to question what features are needed in Stefan's 
code anyway?  Is this about security, or about you imposing your will on 
aRts?

> How about we enable realtime scheduling only when someone is using
> an app which requires artsd to have such privileges ? Quite easy to
> do in a pretty way. kdesu can prompt the user and you can show a dialog
> warning about the possibilities for bad things happening.

Reasonable idea.  Try it.

> Note that even without a DoS from another local user, you can have your
> system hang due to a bug in artsd. Last time I installed artswrapper
> suid, the system hung solid when I started artsd.

Now you're reaching.  Realtime was never on by default in kcontrol.  The 
only people who will turn it on are those who were already having trouble 
without it.

> #if Neil Stevens
>
> > So there is really no gain in attempting to getting paranoid here.  No
> > sane multi-untrusted-user system will ever have artswrapper suid, no
> > matter what restrictions are put on it.
>
> And no sane sysadmin will install KDE for her users, because KDE doesn't
> care about security. It installs useless (to users on such a system)
> programs suid, requiring her to go and fix the holes.

What do you know about security?  You're attempting to apply a blanket 
security model to all KDE users!

Stop treating security like some magical marketing word that makes everyone 
jump, and think in terms of actual users of KDE.  You've already gotten 
support for making the suid install configurable.  *That* serves the users 
needs.  Why isn't that enough?

- - -- 
Neil Stevens - neil at qualityassistant.com
"I always cheer up immensely if an attack is particularly wounding
because I think, well, if they attack one personally, it means they
have not a single political argument left." - Margaret Thatcher
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE9NCYXf7mnligQOmERAh09AJ9/68J2K/D7iSj6aaCKT6BWZVsQJQCfRIhp
Ufle6qXkDRZ92IhmG+LEv9A=
=srAi
- -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE9NCiAf7mnligQOmERAjNzAJ4xqUEPBfDtYor2Q8wE4Dfe+8NOUQCfcCzb
E5mQ4tEjg5jANMQN+Us2nhk=
=62sV
-----END PGP SIGNATURE-----

More information about the kde-core-devel mailing list