[linux-audio-user] Fedora 6 x86_64 short report

Fernando Lopez-Lezcano nando at ccrma.Stanford.EDU
Fri Jan 12 21:02:29 EST 2007

Previous message: [linux-audio-user] Fedora 6 x86_64 short report
Next message: [linux-audio-user] Fedora 6 x86_64 short report
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 2007-01-12 at 19:01 -0500, lanas wrote:
> 3) Adjusted access to priorities by adding this
> to /etc/security/limits.conf:
> 
>   # Added for audio
>   *               -       rtprio          99
>   *               -       nice            -10
>   *               -       memlock         4000000
> 
>   BTW, I read that the above is an insecure configuration.  So, some
> finetuning could be done with that.  There's an active Fedora
> Firewall, as well as SELinux, so maybe this is not as critical as it
> sounds.  I'd appreciate any input on this.

It all boils down to who can use programs that run with realtime
priorities and whether you trust them. The above conf (which I use)
gives access to everybody - meaning anybody can potentially hang the
machine, either through buggy software, a mistake or intentionally. 

You can of course restrict things a bit more by using unix groups and
only give access to a group of users (which you presumably trust...),
then that's more "secure". Still, allowed users can hang the machine if
they want. 

You could also restrict the range of priorities users can use, add a
watchdog program that runs at a higer priority and kills or downgrades
the scheduler to SCHED_OTHER of processes that are hogging the cpu - but
IMHO things get complicated too fast, and sometimes you may _want_ to
hog the cpu :-)

...

If you are the only user then the above configuration is fine...
-- Fernando

Previous message: [linux-audio-user] Fedora 6 x86_64 short report
Next message: [linux-audio-user] Fedora 6 x86_64 short report
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Linux-audio-user mailing list