8 Dec
2003
8 Dec
'03
8:25 p.m.
On Sun, 2003-12-07 at 01:35, Jack O'Quin wrote:
I've been experimenting with Torben's LSM for
the 2.6 kernel, and the
realtime group permissions mechanism we discussed.
Naturally, there are some problems. The worst is that GTK-2 will not
tolerate the use of setgid...
(process:11284): Gtk-WARNING **: This process is currently running setuid or setgid.
This is not a supported use of GTK+. You must create a helper
program instead. For further details, see:
http://www.gtk.org/setuid.html
Refusing to initialize GTK+.
In order to get the graphic interface snappy and responsive, I start the
following pthread:
void * interface(void* t_arg)
{
struct sched_param schp;
/** We need realtime performance
*
*/
memset(&schp, 0, sizeof(schp));
schp.sched_priority = sched_get_priority_max(SCHED_RR)/20;
printf("InterfacePriority level: %d\n",schp.sched_priority);
if (sched_setscheduler(0, SCHED_RR, &schp) != 0)
{
perror("sched_setscheduler");
}
else
setreuid(getuid(), getuid());
// This is the call that starts GTK
main_interface(_argc,_argv);
// When we get here, tell everybody else to go home
running = FALSE;
return NULL;
}
mvh // Jens M Andreasen
This seems to totally invalidate the setgid approach
we had discussed,
at least for audio applications using GTK. QT does not seem to
complain about setgid, though most of the reasons for avoiding it with
GTK surely apply there as well.
-<snip>-