Tried Pulse Audio Again--No Good For A11y

Les Mikesell lesmikesell at gmail.com
Tue Sep 23 03:07:29 UTC 2008


Lennart Poettering wrote:
> 
> To suspend audio for inactive sessions and only allow audio for active
> sessions fixes a big security hole.

But it sucks if you are playing music for the room and someone else 
wants to check their email.

> And it's not just we who fixed
> this hole like this. Apple for example does it too. And usually Apple
> is the gold standard of user-friendliness, right?

No, it sucks just as much when iTunes does it.  You expect that kind of 
stuff from Apple who only has a short history of multi-user machines and 
who would really rather sell you an Apple TV or iPod with dock that you 
can dedicate to driving your speakers, though. Linux has always been 
multi-user and doesn't have any such excuses for arbitrarily 
disconnecting devices.

> Allowing multiple different users audio device access at the same time is a
> security nightmare. It has been with ALSA dmix. And it is even more so
> in PA. 

Doesn't the kernel have a mechanism for exclusive locks on devices if 
someone wants to have exclusive access?  It's not all that difficult to 
eavesdrop on music playing loudly anyway...

> Far down on my todo list is adding some kind of handover logic between
> multiple PA instances, so that we can add fading of audio when we
> switch sessions. This would also allow us to continue playback from
> inactive sessions if the now active user is OK with that. But this is
> complex, security-sensitive and not a priority. So don't expect any
> quick results.

What's the right way to set up a media player service that isn't 
attached to anyone's session?

-- 
   Les Mikesell
    lesmikesell at gmail.com




More information about the fedora-devel-list mailing list