[linux-audio-dev] Linux Security Module for realtime audio

Jack O'Quin joq at io.com
Sun Dec 7 00:35:45 UTC 2003

Previous message: [linux-audio-dev] virtual vocalist - I think we could
Next message: [linux-audio-dev] Linux Security Module for realtime audio
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I've been experimenting with Torben's LSM for the 2.6 kernel, and the
realtime group permissions mechanism we discussed.

Naturally, there are some problems. The worst is that GTK-2 will not
tolerate the use of setgid...

(process:11284): Gtk-WARNING **: This process is currently running setuid or setgid.
This is not a supported use of GTK+. You must create a helper
program instead. For further details, see:

http://www.gtk.org/setuid.html

Refusing to initialize GTK+.

This seems to totally invalidate the setgid approach we had discussed,
at least for audio applications using GTK. QT does not seem to
complain about setgid, though most of the reasons for avoiding it with
GTK surely apply there as well.

So, I modified Torben's LSM to check supplementary groups, and this
seems to work fine. From a system admin perspective it's pretty good.
I'm a member of group `audio', which was accomplished by adding my
user ID (joq) to the appropriate entry in /etc/group...

audio:x:29:joq

Then, I loaded the LSM like this...

$ sudo modprobe jackcapabilities rtgid=29

After that, all my processes have realtime privileges. I can run JACK
under my normal user ID...

$ jackd --realtime -d alsa

I had to make a small change to JACK for this to work, so you'll need
CVS sources to try it. Note that `jackstart' was not needed. Then,
when I start various JACK applications they automatically acquire
realtime privileges, too...

$ alsaplayer -o jack &
$ ardour &
$ jamin &

For reasons I cannot explain, this works without requiring the
CAP_SYS_RESOURCE capability, a welcome but unexpected bonus.

I would appreciate comments, feedback, and bug reports. If you want
to try it, don't forget that it has received minimal testing. Neither
I nor anyone else can promise that it will not adversely affect your
system security or stability. Caveat emptor!
--
joq

-------------- next part --------------
A non-text attachment was scrubbed...
Name: jackcaps-0.3.tar.gz
Type: archive/tar
Size: 4860 bytes
Desc: modified JACK capabilities LSM
URL: <http://lists.linuxaudio.org/pipermail/linux-audio-dev/attachments/20031206/557bb1ac/attachment.bin>

Previous message: [linux-audio-dev] virtual vocalist - I think we could
Next message: [linux-audio-dev] Linux Security Module for realtime audio
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Linux-audio-dev mailing list