Re: KDE 3.0.4 and aRTs
måndagen den 28 oktober 2002 00.38 skrev Michael Schuerig:
> $ dpkg-statoverride --add root audio 4710 /usr/bin/artswrapper
Thank you for this information. I never use noatun for sound, just because I
can't do other things on the computer while it is running. Instead I have
been using gqmpeg, which plays continuously, no matter what happens on the
system. You might have given the solution for usability for noatun.
I included the following information in the man page for artswrapper:
Since artswrapper is a potential security exploitation risk, it does
not have SUID turned on by default. To enable artswrapper one the fol-
lowing has to be done:
1) To set artswrapper SUID with a mode of 4710. This change will dis-
appear when the arts package is updated.
2) To make a permanet change with the following command:
dpkg-statoverride --add root audio 4710 /usr/bin/artswrapper
You also have to add group audio to all users that should be able to
use artswrapper to gain real-time priority.
Does it sound all right?
The possible security exploitation appears be due to the -a option to artsd,
although I can't understand how it can be used to gain root access, since
privileges are dropped before artsd is started.
-- Karolina
Reply to: