• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Another approach to root user?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Another approach to root user?

  • Subject: Re: Another approach to root user?
  • From: Ethan Funk <email@hidden>
  • Date: Tue, 28 Mar 2006 13:36:07 -0700
I would _never_ run a server like this as root. The reason why is that it is essentially a big giant security hole, especially since anybody can send TCP packets to it to make it do things like fork other processes. Plus, I can't see that a server like this has any need of the power of root to do it's job anyway. Why take on such a risk?

The right thing to do is to run this server as some user logged in via a non-console session.

Finally, CoreMIDI is a per-user type thing. In particular, the MIDI server itself is launched inside the user's login session. I'm not sure what's going to happen when the MIDI server needs to be launched outside of an actively logged in user's session. It could work fine, but more likely it will confuse things a bit. Hopefully Doug can clarify this for us.

I guess what I'm hearing is that I must have a user's login session for the midi to work. I really want to have midi machine control for starting/stopping things via hardware directly to the server, but I guess if there is no other way, that functionality will have to be moved to the client application.

Running the server as a user logged in via a non-console session would also solve this problem.

I agree, except that the audio stops playing when the non-console user that it is running under logs out. This is not acceptable behavior for my application. If I could keep audio and midi running after the user logs out, I would be very happy. Any idea how to do that? I would happily abandon launchd and root user if I could find a way to keep audio playing!

On the security side of things: I have implemented a user privilege drop to a non-root user on processes that the server forks when it is running as root. The only remaining security hole I can think of is that the server can play any audio files on the system with out regard to file permissions.

Ethan...
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Coreaudio-api mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden




  • Follow-Ups:

      

    • Re: Another approach to root user?

      • From: Jeff Moore <email@hidden>
      • 





References: 


 >Another approach to root user? (From: Ethan Funk <email@hidden>)


 >Re: Another approach to root user? (From: Jeff Moore <email@hidden>)


 >Re: Another approach to root user? (From: Ethan Funk <email@hidden>)


 >Re: Another approach to root user? (From: Jeff Moore <email@hidden>)






    

  • Prev by Date:
Re: Another approach to root user?

    • 

  • Next by Date:
Re: Another approach to root user?

    • 

  • Previous by thread:
Re: Another approach to root user?

    • 

  • Next by thread:
Re: Another approach to root user?

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •