Re: Intention to package x11amp

To: debian-devel@lists.debian.org
Cc:
Subject: Re: Intention to package x11amp
From: Andreas Jellinghaus <aj@dungeon.inka.de>
Date: Fri, 8 May 1998 09:08:54 +0200
Message-id: <[🔎] E0yXhH4-0000MM-00@dungeon.inka.de>
In-reply-to: <[🔎] y9hg1ilebcq.fsf@always.got.net>

>One question: x11amp uses the real-time functions of Linux (and sounds
>much better) if it's installed suid-root, but there are unknown holes
>that this opens up. Should I use suidmanager and make it suid?

don't make it suid if it works without (mpg123, amp both work well as normal
programs), register it with suidmanager without suid bit, and document in
README.debian how to make it suid, what advantages this has, and the security
risks. 

maybe also look for buffer overflows or similiar stuff in the source.

andreas


--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: Intention to package x11amp
  - From: Ben Gertzfield <che@debian.org>

References:
- Intention to package x11amp
  - From: Ben Gertzfield <che@debian.org>

Prev by Date: Re: installation report of hamm 26.4.
Next by Date: Re: Intention to package x11amp
Previous by thread: Re: Intention to package x11amp
Next by thread: Re: Intention to package x11amp
Index(es):
- Date
- Thread