
Re: [ardour-dev] ardour



>Be warned that I'm only talking about the default compiler. A user can
>install another compiler, but if he types in "gcc", it will still launch
>the default compiler.

how can debian ensure that? you are requiring that all users read and
adhere to the debian bible. if they ever do anything else (such as
download gcc.tar.bz2 and build+install it from source), this isn't
true anymore.

btw: i consider my ability to do this a critical part of what makes
linux appealing to me.

>> What about those people who decided they wanted gcc 3.0's better
>> performance on their machine, installed it, switched to it as the
>> default, never compiled any C++ until one day ...
>
>If a user wants to use a different compiler, he should know what he is
>doing. 

"should": no doubt about that. "will" ???

>> as for security issues, that's pretty much irrelevant for a program
>> that, to be used as intended, requires root privilege or various
>> capabilities that make it possible to do anything with the
>> machine. such a program is a massive security hole, and will be until
>> the basic level of security granularity in the kernel changes. i'm not
>> particularly interested in issues like a buffer overflow fix in some
>> C++ library when the program itself is such a huge security hole.
>
>Security issues are all the more important when the program requires
>root privileges. A security flaw in the software will have far worse
>consequences if the software is run as root. Being run as root is not a
>security flaw by itself, it is a conception weakness (due to problems in
>the kernel design, if I read you) that must be compensated for by strict
>security.

when ardour runs as root, it can trivially be caused to do anything to
the machine, ranging from a DoS caused by using SCHED_FIFO and
mlockall(), to scripting by using the GTK+ engines system. the GTK+
folk are very insistent that no GTK+ application ever be run suid root
for this very reason. they think that you should build a "helper
application" to deal with this issue, which just doesn't cut it in a
system where the integration between the GUI and the core of the
program at run time has to be so tight.

if you write a program that uses a GUI and SCHED_FIFO and mlockall()
and you run it as root, all security bets are off. 

>Debian users usually report bugs via the BTS, as it is generally much
>simpler for them to use the same interface for all the bugs they report.

when i installed debian for my brother a month or two ago, i never saw
anything about the BTS. i've never heard of it, and nothing during the
install told us about it. we had a fully functioning linux system with
ardour running, and any bugs that he discovered would have been sent
straight to ardour-dev.

--p


