[vorbis-dev] ogg123, Chrismas release
cben at crosswinds.net
Tue Dec 26 02:46:38 PST 2000
Gregory Maxwell wrote:
> On Tue, Dec 26, 2000 at 12:26:03AM +0100, Segher Boessenkool wrote:
> > You would have to audit all of Vorbis itself as well. If people want
> > to make ogg123 suid (to give world/group access to the playing Ogg on
> > the audio device), maybe they should just make the audio device world/
> > group writeable? Are there any _re`l_ problems with that?
> Only when you give your friend shell accounts on your systems. :)
The same for suid ogg123 - your friend can run it with any garbage
input/whatever he wants (if he is _that_ nasty, he would bother to
encode some noise :-).
Anyway, a better solution is to make the audio device group writable
and make the ogg123 suid to a user in that group.
> Making them world readable is less advisable.
Beni Cherniavsky <cben at crosswinds.net>
(also scben at t2,cben at tx in Technion)
No, No! You're not thinking; you're just being logical.
- Niels Bohr
--- >8 ----
List archives: http://www.xiph.org/archives/
Ogg project homepage: http://www.xiph.org/ogg/
To unsubscribe from this list, send a message to 'vorbis-dev-request at xiph.org'
containing only the word 'unsubscribe' in the body. No subject is needed.
Unsubscribe messages sent to the list will be ignored/filtered.
More information about the Vorbis-dev