Actually, I'd like to hear about why the kernel developers were
shocked about our use of capabilities. Could you expand on that?
Taybin

Taybin,
I wish I could, but thinking that it would likely be of little interest
to me I tuned out pretty quickly. There wasn't a lot of discussion as I
remember it. A number of people were using generic words like 'dangerous' or
'stupid', but frankly it didn't matter to me as this is the only game in
town. What choice do I have anyway?
There was no additional concern about actually running apps like Ardour
or Rosegarden as root vs. using capabilities. They hated that sort of answer
also. It was really that they didn't think any of this should run as root.
TO BE CLEAR - I have no issue with this one way or the other. I understand
I'm taking my chances. I'm OK with that. I will say that the other day I
quickly tried Rosegarden with Jack and as soon as I connected an audio track
in Rosegarden to a 'Jack Audio' stream the machine was locked up hard and
nothing but a hard reset would bring it back. THERE ARE RISKS. (My apologies
to Guillaume, Chris or Rich for bringing that up here before signing up for
their lists again.)
If I had to venture a guess it was probably more that some 'intentionally
bad' application could be written to take advantage of a machine that had a
kernel patched for capabilities, and not specifically that jackstart itself
was a problem. I would suspect that a number of developers would not be
particularly concerned with this, but I'll make the observation that I
quickly counted more than 40 Jack applications on the web site this morning.
What percentage of those have actually been tested using a capabilities-based
kernel, and what assurance does a user like me have that one of them
doesn't do an rm / intentionally or by mistake? As this list grows to 100 or
200 apps, how will I - as a user, not a developer - be protected against
something like this?
Please remember, that's just my guess and does not represent anyone's
true reasons.
Mark
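Mark's question above (what assurance a user has that a capabilities-granted audio app is not holding more privilege than it needs) is the kind of thing a user can check directly. The script below is an added example and is not code from the thread or from the JACK project: it decodes the CapEff/CapPrm bitmasks that the Linux kernel exposes in /proc/<pid>/status and flags any effective capability outside an allowed set. The allowed set of CAP_SYS_NICE and CAP_IPC_LOCK (real-time scheduling and memory locking) is an assumption about what a low-latency audio process needs; the status lines fed to it are constructed sample data, and the /proc format is the modern one, not the one of the patched 2.4 kernels discussed here.

```python
import os

# Linux capability bit numbers from <linux/capability.h>; list index == bit number.
CAP_NAMES = [
    "CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_DAC_READ_SEARCH", "CAP_FOWNER",
    "CAP_FSETID", "CAP_KILL", "CAP_SETGID", "CAP_SETUID", "CAP_SETPCAP",
    "CAP_LINUX_IMMUTABLE", "CAP_NET_BIND_SERVICE", "CAP_NET_BROADCAST",
    "CAP_NET_ADMIN", "CAP_NET_RAW", "CAP_IPC_LOCK", "CAP_IPC_OWNER",
    "CAP_SYS_MODULE", "CAP_SYS_RAWIO", "CAP_SYS_CHROOT", "CAP_SYS_PTRACE",
    "CAP_SYS_PACCT", "CAP_SYS_ADMIN", "CAP_SYS_BOOT", "CAP_SYS_NICE",
    "CAP_SYS_RESOURCE", "CAP_SYS_TIME", "CAP_SYS_TTY_CONFIG", "CAP_MKNOD",
    "CAP_LEASE", "CAP_AUDIT_WRITE", "CAP_AUDIT_CONTROL", "CAP_SETFCAP",
    "CAP_MAC_OVERRIDE", "CAP_MAC_ADMIN", "CAP_SYSLOG", "CAP_WAKE_ALARM",
    "CAP_BLOCK_SUSPEND", "CAP_AUDIT_READ", "CAP_PERFMON", "CAP_BPF",
    "CAP_CHECKPOINT_RESTORE",
]

# Assumption for this example: what a real-time audio process such as the
# JACK daemon plausibly needs. Anything beyond this is reported as excess.
AUDIO_ALLOWED = frozenset({"CAP_SYS_NICE", "CAP_IPC_LOCK"})


def decode_caps(mask):
    """Turn a 64-bit capability bitmask into a set of CAP_* names."""
    names = set()
    for bit in range(64):
        if (mask >> bit) & 1:
            # Bits the kernel may add later still get a readable label.
            names.add(CAP_NAMES[bit] if bit < len(CAP_NAMES) else f"CAP_{bit}")
    return names


def parse_status_caps(status_text):
    """Extract CapInh/CapPrm/CapEff/CapBnd/CapAmb from /proc/<pid>/status text."""
    caps = {}
    for line in status_text.splitlines():
        if line.startswith("Cap") and ":" in line:
            key, value = line.split(":", 1)
            caps[key.strip()] = decode_caps(int(value.strip(), 16))
    return caps


def audit_effective(status_text, allowed=AUDIO_ALLOWED):
    """Compare a process's effective capabilities against an allowed set.

    Returns the effective set, the excess beyond `allowed`, and whether the
    process is effectively full root (every defined capability is set).
    """
    effective = parse_status_caps(status_text).get("CapEff", set())
    return {
        "effective": effective,
        "excess": effective - set(allowed),
        "is_full_root": set(CAP_NAMES) <= effective,
    }


def audit_self(allowed=AUDIO_ALLOWED):
    """Audit the calling process; returns None on systems without /proc."""
    path = "/proc/self/status"
    if not os.path.exists(path):
        return None
    with open(path, encoding="ascii") as fh:
        return audit_effective(fh.read(), allowed)


# Constructed sample status excerpts (not captured from a real machine).
# CAP_SYS_NICE is bit 23 (0x800000), CAP_IPC_LOCK is bit 14 (0x4000).
SAMPLE_MINIMAL = (
    "Name:\tjackd\nPid:\t4242\n"
    "CapInh:\t0000000000000000\nCapPrm:\t0000000000804000\n"
    "CapEff:\t0000000000804000\nCapBnd:\t000001ffffffffff\n"
)
# Same process but also holding CAP_SYS_ADMIN (bit 21, 0x200000).
SAMPLE_EXCESS = SAMPLE_MINIMAL.replace("CapEff:\t0000000000804000",
                                       "CapEff:\t0000000000a04000")
# An app simply run as root: every defined capability is effective.
SAMPLE_ROOT = SAMPLE_MINIMAL.replace("CapEff:\t0000000000804000",
                                     "CapEff:\t000001ffffffffff")

if __name__ == "__main__":
    for label, text in (("minimal", SAMPLE_MINIMAL), ("excess", SAMPLE_EXCESS),
                        ("root", SAMPLE_ROOT)):
        result = audit_effective(text)
        print(label, "excess:", sorted(result["excess"]),
              "full root:", result["is_full_root"])
    live = audit_self()
    if live is not None:
        print("this process excess:", sorted(live["excess"]))
```

Run against a live PID by reading that process's /proc/<pid>/status instead of /proc/self/status. The point of the check is that "runs with capabilities" and "runs as root" are not the same thing only if the effective set really is small; a process whose CapEff is the full mask has gained nothing over plain root, which is the worry expressed in the thread.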