Please review my package
wbrana
wbrana at gmail.com
Thu Jul 5 20:14:43 UTC 2012
> That doesn't change that it is a security hazard!
> Don't run user apps as root!
> Don't implement super-user features in user apps - implement it
> separately, and make it optional to use it.
I don't run user apps as root. MPlayer is never started as root.
Here is mplayer_nice source code with comments:
int main(int piarg, char* Pvarg[]){
uid_t liuid = getuid(); // check if app is started by root, if
it true return error
if (!liuid) {
printf("cant run as root\n");
return 1;
}
if (-1 == nice(-20)) { // increase process priority
printf("cant increase prority\nwrapper mplayer_nice
has to be owned by root with mode 4755\n");
};
#ifdef __NR_ioprio_set
if (syscall(__NR_ioprio_set, 1, 0, 0x2000)) { // increase
process I/O priority
printf("cant set I/O priority\n");
}
#endif
if (setuid(liuid)) { // change UID to to non-root user, if it
fails return error
printf("cant set uid to user\n");
return 1;
};
execv(MPLAYER_PATH, Pvarg); // start MPlayer
printf("can start "MPLAYER_PATH"\n");
return 1;
};
Google Chrome is also using setuid binary
File: ‘chrome-sandbox’
Size: 19064 Blocks: 40 IO Block: 4096 regular file
Device: 902h/2306d Inode: 1975105 Links: 1
Access: (4711/-rws--x--x) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2012-06-28 20:49:55.000000000 +0200
Modify: 2012-06-28 20:49:55.000000000 +0200
Change: 2012-06-30 10:10:46.594362879 +0200
Birth: -
XOrg server is also setuid binary
File: ‘Xorg’
Size: 2597144 Blocks: 5080 IO Block: 4096 regular file
Device: 902h/2306d Inode: 540202 Links: 1
Access: (4711/-rws--x--x) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2012-06-12 15:43:22.000000000 +0200
Modify: 2012-06-12 15:43:22.000000000 +0200
Change: 2012-06-12 15:43:27.257467482 +0200
Birth: -
More information about the pkg-multimedia-maintainers
mailing list