[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: real player plugin only as root

On Thu, 17 Apr 2003 22:41, Slaven Peles wrote:
> On April 16, 2003 11:16 am, Kenneth Dombrowski wrote:
> > Slaven Peles wrote:
> > > Here is example site that works fine for me:
> > > http://www.cbc.ca/news/
> > >
> > > And one that does not:
> > > http://www.msri.org/publications/ln/msri/2003/halgebra/huneke/1/index.h
> > >tm l
> >
> > I can verify both of those work for me, in sid ( I think it's the same
> > realplayer? ). instead of ever changing the permissions of
> > /dev/dsp, I added myself to the 'audio' & 'video' groups
I'm in thread late so please excuse if I'm teaching Grandma to suck eggs, but 
realplayer is a member of either of the above groups and is group executeable?

> I added myself to the both groups too, but the problem persists. The fact
> that it _does_ work as a root tells me that there is a permission problem
> someplace, but I'm running out of ideas where to look. :-( Any suggestions
> would be very welcome.

If it's not a permission problem as above, then this wild guess might help.

Sometimes programs need to run with root's priveledges to be able to lock 
memory or something like that. cdrecord / cdrdao for example.

Such programs can be world executeable, or maybe just group executeable with 
you a member of that group, and they will still fail.

Such programs must be run as root or alternatively must be setuid root, and 
then group or world executeable.

I know that setuid root is sometimes frowned upon but, if you run malware 
with root priveledge it will do it's damage no matter how you run it that way.

In other words, if you are prepared to su and then run programx, you should 
also be prepared to have it setuid. IF and only if programx is a binary file.

Never set a script setuid root!


Reply to: