[LAD] [ANNOUNCE] Safe real-time on the desktop by default; Desktop/audio RT developers, read this!

[Fernando Lopez-Lezcano]

On Mon, 2009-06-22 at 17:58 +0100, Krzysztof Foltman wrote:
> Fons Adriaensen wrote:
> 
> >> You're not ignoring it, you're practically waging the war against it,
> > Ever seen a real war ?
> 
> Your point being?
> 
> >> The existence of rtkit doesn't make it harder for you to assign RT
> >> privileges to every process on the machine. However, it makes it
> >> possible to prevent rogue processes from obtaining/abusing the RT
> >> scheduling while letting user-approved processes to still use it.
> > Which rogue processes ? What was the last time you've seen a
> > RT-bomb ? Why did you run it ?
> 
> "When was the last time you've seen a Microsoft Word virus? Why did you
> open it?" was probably some Microsoft manager's thinking more than
> decade ago.
> 
> With the increasing number of Linux-based systems sold to novice users,
> you're sure nobody will ever use RT API to do something nasty?
> 
> Basically, Lennart pointed out a potential security hole and shown a way
> to fix it. The fact that it's not abused yet (mostly due to lack of
> popularity of RT kernels) 

Just a detail, but the issue at hand has nothing to do with the
popularity of rt kernels (ie: kernels patched with the rt patch), but
with allowing non-root users access to schedulers other than
SCHED_OTHER. That can happen with all current kernels. 

-- Fernando


> doesn't mean it won't be abused ever.
> Especially if things like pulseaudio and games will making use of RT
> privileges.