22 Jun
2009
22 Jun
'09
4:05 p.m.
On Mon, 2009-06-22 at 17:58 +0100, Krzysztof Foltman wrote:
Fons Adriaensen wrote:
Your point being?
"When was the last time you've seen a Microsoft Word virus? Why did you
open it?" was probably some Microsoft manager's thinking more than
decade ago.
With the increasing number of Linux-based systems sold to novice users,
you're sure nobody will ever use RT API to do something nasty?
Basically, Lennart pointed out a potential security hole and shown a way
to fix it. The fact that it's not abused yet (mostly due to lack of
popularity of RT kernels)
Just a detail, but the issue at hand has nothing to do with the
popularity of rt kernels (ie: kernels patched with the rt patch), but
with allowing non-root users access to schedulers other than
SCHED_OTHER. That can happen with all current kernels.
-- Fernando
You're not ignoring it, you're practically waging the war against it,
Ever
seen a real war ? The
existence of rtkit doesn't make it harder for you to assign RT
privileges to every process on the machine. However, it makes it
possible to prevent rogue processes from obtaining/abusing the RT
scheduling while letting user-approved processes to still use it.
Which rogue
processes ? What was the last time you've seen a
RT-bomb ? Why did you run it ? doesn't mean it won't be abused ever.
Especially if things like pulseaudio and games will making use of RT
privileges.