[MPlayer-users] RTC Permission
Arpi
arpi at thot.banki.hu
Fri Jul 19 11:14:02 CEST 2002
Hi,
> >
> > become root and do: su +s /usr/local/bin/mplayer (or replace with your path)
> you forgot about this part which is also featured in the FAQ:
> -- snip --
> !!!! BUT STAY TUNED !!!!
> This is a *BIG* security risk! *NEVER* do this on a server or on a
> computer that you do not control
> completely because other users can gain root privileges through SUID
> root MPlayer!!!
> !!!! SO YOU HAVE BEEN WARNED ... !!!!
> -- snip --
>
> of course risk is quite low, but i think posting "chmod +s something"
> should include some warning, shouldn't it?
don't worry. if an user can do su - or chmod +s, unless he knows about its
risk, then it's a desktop machine not server :)
A'rpi / Astral & ESP-team
--
Developer of MPlayer, the Movie Player for Linux - http://www.MPlayerHQ.hu
More information about the MPlayer-users
mailing list