[linux-audio-user] running jack as non-root?

Jack O'Quin joq at io.com
Sat Feb 28 10:46:15 EST 2004


Hasse Hagen Johansen <hhj at musikcheck.dk> writes:

> Hmm. There is some discussion if the LSM is actually very secure. That
> why RSBAC is not using/is implemented as an LSM, but of course there
> is always discussions... 

All the complaints I've seen about LSM were rather vague, and mostly
seem motivated by discontent that someone else's security hooks got
introduced into the mainline kernel.  The current hooks are quite
adequate for my simple needs.

Do you know of any specific security problems that I should watch out
for?  None have been mentioned on the linux-security-module mailing
list.

> I was actualy thinking about if I could use EA/ACL and/or rsbac or
> grsecurity, for granting specific users running specific executables
> the Realtime capability

That would be nice.  How would you propose to go about it?

To have any traction as a general solution for Linux Audio, a solution
needs to be based on generally-available code.  There is no point in
telling users or distibutions: "apply this 30,000-line patch to your
kernel, then tag the following 127 files with Access Control Lists."
It won't happen.
-- 
  joq


More information about the linux-audio-user mailing list