Subject: Re: [ecasound] Multitrack problems resolved! (almost)
From: S. Massy (theanaloguekid_AT_tak.net.dhis.org)
Date: Thu Oct 04 2001 - 00:03:57 EEST
On Wed, 03 Oct 2001, Kai Vehmanen <k_AT_eca.cx> wrote:
> The root of the problem is that ecasound doesn't contain any code for
> altering priviledge levels. If it is runs with root-priviledges, it does
> everything as root. For instance in libecasound/eca-control-objects.cpp,
> in edit_chainsetup(), there's a system() call for executing an external
> editor. Doing this as root is not generally thought as secure.
> Other big problem area is libecasound/audioio-forked-stream.cpp, which use
> to exec() mpg123, ogg, and other external programs as specified in
> ~/.ecasoundrc. This is also a bit unsafe when run as root.
At all time this is not really recommended but the very bad thing is
that you can specify what program is to be executed from your home
directory. Imagine an evil one gets on your system and edits his
.ecasoundrc to contain the line:
"ext-text-editor = ~/MY_VERY_EVIL_CODE"
> But all in all, this shouldn't be that big of an issue. For noncritical
> uses, just don't set the suid-bit, but run as a normal user. If you have
> an untrusted setup, and you don't want to login as root, the following
> helps a bit:
> cd /usr/local/bin
> chown root.ecausers ecasound
> chmod 4750 ecasound
> In other words, ecasound binary is set as suid-root (so it is run with
> root-priviledges), but only root and members of the ecausers groups can
> start it. Now just add all trusted ecasound users to the group and you are
Yes... and make sure that those don't have the right to login remotely.
> Audio software for Linux!
> To unsubscribe send message 'unsubscribe' in the body of the
> message to <ecasound-list-request_AT_wakkanet.fi>.
-- To unsubscribe send message 'unsubscribe' in the body of the message to <ecasound-list-request_AT_wakkanet.fi>.
This archive was generated by hypermail 2b28 : Wed Oct 03 2001 - 23:59:44 EEST