| |||||||||||||
Audio latency goes full circleAudio latency goes full circlePosted Feb 10, 2005 17:09 UTC (Thu) by AJWM (guest, #15888)Parent article: Audio latency goes full circle
So they're not requiring setgid just because some wrong-headed (to use their words) userspace library breaks on it? What happened to the kernel developers' attitude of making it *right*, not politically expedient?
If GTK+ breaks on setgid, fix GTK+. It's not like that deliberate breakage really solves a security problem, as the linked message notes. If GTK+ has other security problems because of this, fix *them*.
(Log in to post comments)
Audio latency goes full circle Posted Feb 10, 2005 19:48 UTC (Thu) by oak (subscriber, #2786) [Link] Gtk doesn't "break" with setgid. It refuses to run with more priviledgesby design (to prevent ignorant users from breaking their security). You cannot have secure UI libraries, they are just too large and complex (I think Gtk is some 500 KLOCs) and rely on too many external libraries. Gtk loads following kinds of plugins dynamically at run-time: - input methods - text layout engines - image loaders - theme-engines E.g. theme engines are specified in theme rc files and which rc file is loaded can be specified with an environment variable. As another commentor mentioned, the normal practice for things requiring more priviledges is to do them in a separate process. Secure programs should: - Not have any extra or dynamic dependencies - Do only one thing and do it well so that they are as small / clean as possible (= easy to audit)
|
|||||||||||||