[linux-audio-dev] Linux Security Module for realtime audio

[torbenh at gmx.de]

On Tue, Dec 09, 2003 at 01:38:44AM +0100, Jesper Anderson wrote:
> On Mon, Dec 08, 2003 at 12:13:48PM -0800, Tim Hockin wrote:
> > On Tue, Dec 09, 2003 at 12:49:24AM +0100, Jesper Anderson wrote:
> > > GTK has been like that for years now. Check the archives of SLASH'EM,
> > > a Nethack clone, for lots of back and forth. In short, they're not
> > > going to change.
> > 
> > Do they have a valid reason?  Or are they just imposing their paranoia on us
> > for fun?
> 
> Their explanation is here:
> 
> http://www.gtk.org/setuid.html
> 
> They've met a lot of resistance and not backed down yet; I seriously
> doubt they will. Therefore, coding around it in a consistent way will
> be necessary. I'll dig in my archives and see what I can find ...
> although I'm not sure an of it is useful.

i talked to tim janik on #lad yesterday and he said, that we should mail
gtk-devel-list and CC: owen taylor with a description of the problem,
and with a statement that we have read setuid.html.

what we need is, that the test must be for [ug]id == 0 and not generally 
uid != e_uid.

so we have a chance of getting this into gtk.

joq: You are a native speaker, can you write the mail ?


-- 
torben Hohn
http://galan.sourceforge.net -- The graphical Audio language