[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: About realtime rights
From:       geertj () stack ! nl (Geert Jansen)
Date:       2000-07-10 8:00:09
[Download RAW message or body]

 
> > (1)  a realtime process can freeze the system, by going into an infinite loop
> > (2)  it can steal other peoples CPU time as the timesharing is circumvented
> > (3)  while bringing down a system with while(1) fork(); is usually possible,
> >      doing an equivalent with all these processes having realtime rights is
> > 	 much more efficient
> 
> I think you forgot the biggest risk: security. suid
> applications are evil. period. And a server being started suid
> root is _very_ evil. I don't even want to think about a suid
> server having real-time priority and accepting network
> connections. Scary.

The server is not suid root. Only artswrapper is, in order to be able
to set realtime scheduling. After this, root privileges are dropped and
the artsd is exec()'d.

Greetings,
-- 
    Geert Jansen,                                email: <geertj@stack.nl>
    Phylosopher and Physicist                      PGP key ID: 0xD2B5E7CE

[prev in list] [next in list] [prev in thread] [next in thread]