Re: KDE 3.0.4 and aRTs

[Karolina Lindqvist <pgd-karolinali@algonet.se>]

måndagen den 28 oktober 2002 00.38 skrev Michael Schuerig:

> $ dpkg-statoverride --add root audio 4710 /usr/bin/artswrapper

Thank you for this information. I never use noatun for sound, just because I 
can't do other things on the computer while it is running. Instead I have 
been using gqmpeg, which plays continuously, no matter what happens on the 
system. You might have given the solution for usability for noatun.

I included the following information in the man page for artswrapper:

Since artswrapper is a potential security exploitation  risk,  it  does
       not  have SUID turned on by default. To enable artswrapper one the fol-
       lowing has to be done:
       1) To set artswrapper SUID with a mode of 4710.  This change will  dis-
       appear when the arts package is updated.
       2) To make a permanet change with the following command:
       dpkg-statoverride --add root audio 4710 /usr/bin/artswrapper

       You  also  have  to add group audio to all users that should be able to
       use artswrapper to gain real-time priority.

Does it sound all right?

The possible security exploitation appears be due to the -a option to artsd, 
although I can't understand how it can be used to gain root access, since 
privileges are dropped before artsd is started.


-- Karolina