[MPlayer-dev-eng] [PATCH] Frame stepping (i.e. seeking while paused)
Jan Knutar
jknutar at nic.fi
Thu Jul 8 15:42:20 CEST 2004
On Thursday 08 July 2004 16:51, D Richard Felker III wrote:
> No, it's basically impossible to make it secure. Remember it has to
> have root privs to open the vo for some stupid vo's. The solution is
> not to make mplayer suid at all.
Well, if mplayer needs root to open stupid vo's, then mplayer has to be
suid. Not suid -> no vo, no joy.
If you don't use stupid vo's, then mplayer does not have to be uid 0
after setting itself realtime and mlocked -> drop privs?
I know making mplayer secure is possibly quite impossible, but I just
don't see the logic in saying "MPlayer needs root to open some vo.
Solution: Don't give it root."
Maybe it'd be easier to make a new syscall that would enable mlockall()
on processes other than the current :-)
More information about the MPlayer-dev-eng
mailing list