[linux-audio-user] fluidsynth

[Frank Barknecht]

Hallo,
Guy Clotilde hat gesagt: // Guy Clotilde wrote:

> Anyway, as I'm quite dumb about it, can you enlighten me about what
> it means 'setuid root'?  How exactly do I setuid root a prog (I have
> read about the 's' bit)? 

Yes, you add the "s"etuid bit by channging the file mode with "chmod
u+s /usr/bin/program" and you get rid of it by "chmod u-s
/usr/bin/program" 

> Can I setuid any program (er... is it dangerous)? 

It can be dangerous. Most audio software drops the root privileges
after they gained a higher scheduling, but the bigger the sofware, the
easier it is to make mistakes with this. It might be a good idea, to
only allow a certain group of users to run the setuid programs or use
something like "super" to control acess. Using a kernel feature called
capabilities also does reduces the need to "setuid root" larger
programs. 

But then, setuid also is something ordinary on Linux. For example, the
/usr/bin/passwd programm is also "setuid root". It allows users to
change their own password and effectifly change a system file like
/etc/passwd. Without higher privileges they couldn't do this. 

> Does any program 'setuid root' really run with roots provileges?

Effectivly yes, at least at the start. But as I said, most programs
stop being root on their own with something like the
setuid-C-function, see "man 2 setuid".

ciao
-- 
 Frank Barknecht                               _ ______footils.org__