1 |
>>>>> On Sat, 28 Jan 2012, Samuli Suominen wrote: |
2 |
|
3 |
>> This is definitely not an improvement and should be reverted. The |
4 |
>> suid root is also needed to elevate cdrecord's scheduling priority. |
5 |
|
6 |
> Missed that piece of code and reverted then. Any chance you could be |
7 |
> more specific? |
8 |
|
9 |
cdrecord calls mlock(2), setpriority(2), and sched_setscheduler(2) to |
10 |
lock itself in memory and set realtime scheduling (and after having |
11 |
done so, it of course resets its uid to non-root). |
12 |
|
13 |
And yes, it really makes a difference on a moderately loaded machine. |
14 |
(Having written data from physics experiments to thousands of |
15 |
CDs/DVDs/Blurays, I think I can claim some experience here.) |
16 |
|
17 |
With file based capabilities, one could set CAP_IPC_LOCK and |
18 |
CAP_SYS_NICE instead of the suid root. |