On Saturday 17 May 2003 19:50, Martin Schlemmer wrote:
> On Sat, 2003-05-17 at 15:48, Grant Goodyear wrote:
> > > > > I'm adding a new local use flag for kde-base/arts: artswrappersuid.
> > > > > It sets artswrapper suid root, which allows artsd (kde's sound
> > > > > server) to run with realtime priority and avoid skips and clicks,
> > > > > but it's a security hazard, so it's off by default.
> > If we're going to go the USE flag route, how about a generic "suid"
> > flag, then, instead of a local USE flag. I know this issue either
> > can or does occur for more than one package.
> Does make sense, as adding support for one package will bring request
> for the others we do not suid by default.
Well, security isn't my home turf, so since everyone thinks a global flag is
OK, I won't object :-) (Spider already replied to me privately suggesting the
same thing, but then seemed to change his mind, or maybe I just misunderstood
him. Anyhow, what do other people think, in particular our security people?.)
Just that as I said to him, it would have to be on by default and
defined as: "Turn off this flag to enable highly insecure default
configurations for the sake of performance - for fully trusted environments
only". That could even be a global "security" flag, not just "suid". But it's
ok with me either way. Opinions?
Gentoo Linux developer (KDE)
Public GPG key: http://cvs.gentoo.org/~danarmak/danarmak-gpg-public.key