PulseAudio
David Zeuthen
davidz at redhat.com
Tue Feb 27 19:14:53 UTC 2007
On Tue, 2007-02-27 at 14:04 -0500, xiphmont at xiph.org wrote:
> > Heck, so uid 501 can poke the streams created by uid 500? That's a
> show
> > stopper just because of security implications. Do you disagree?
>
> I agree it's not acceptible in the mid/long term. However, this is
> already what Ubuntu and Debian do today.
Ding ding ding. We want to ship a distro that is secure by default.
Seriously, this is a stop-ship thing whether you personally like it or
not.
> revoke is just such a .... stunningly... idiotic idea....
My gods. Do not pass start. Do not collect $200. Hint, see
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230006
and come back when you understand the implications. Thanks.
> > Well, there's no politics here apart from wishing not to introduce
> > short-term hacks that will haunt us for ever.
>
> I can't take you seriously when you keep saying that, then pushing LD_PRELOAD.
It's because I live in this century and don't use OSS myself. Either
LD_PRELOAD or some emulation daemon that forwards the stream to the
right PA instance. Either is ugly because OSS is ugly.
Of course, we wouldn't enable such things by default because we don't
have OSS apps in the default install. Perhaps enterprise distros that
care about old crap would.
> > What is the view of all this from PA upstream? I talked a lot to Lennart
> > at LCA about this and he said system-wide pulse was a non-starter
> > exactly for the reasons I listed.
>
> That's partially because I convinced him so at GUADEC. It took some arguing.
*plonk*
Here's a quarter, Monty. Go use it to try a modern Linux desktop.
David
More information about the Fedora-desktop-list
mailing list