| Summary: | [PATCH] implement --drop-privileges flag | ||
|---|---|---|---|
| Product: | PulseAudio | Reporter: | Robert Millan <rmh> |
| Component: | daemon | Assignee: | pulseaudio-bugs |
| Status: | RESOLVED MOVED | QA Contact: | pulseaudio-bugs |
| Severity: | enhancement | ||
| Priority: | medium | CC: | lennart |
| Version: | unspecified | ||
| Hardware: | Other | ||
| OS: | All | ||
| Whiteboard: | |||
| i915 platform: | i915 features: | ||
| Attachments: | [PATCH] --drop-privileges flag | ||
Out of curiosity, what is it that you're doing that needs root privileges? Audio device driving in user-space. See: http://hdl.handle.net/2099.1/25316 Hi Robert! Sorry for taking long with this reply. To me it seems that running pulseaudio as root is a bad idea for security reasons, and there don't seem to be strong evidence for people actually needing this capability. I'm not sure what kernel interfaces you actually need to access as root, but if it's about accessing some specific node under /dev, wouldn't it be much better to give the "pulse" user access to that device node, instead of giving it access to absolutely everything on the system? -- GitLab Migration Automatic Message -- This bug has been migrated to freedesktop.org's GitLab instance and has been closed from further activity. You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.freedesktop.org/pulseaudio/pulseaudio/issues/155. |
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.
Created attachment 119207 [details] [PATCH] --drop-privileges flag Hi I'm writing a PulseAudio module which needs root privileges in order to work. However, currently it can't be used because PulseAudio drops privileges on startup unconditionally. Please consider the attached patch to implement --drop-privileges flag. This flag can be set to false to disable privilege dropping (marked as "DANGEROUS" for users who know what they're doing).