Re: [Jack-Devel] jack - audio group - package install

Prev	Next Index
Date	Tue, 24 Jan 2012 23:26:44 +0000
From	Fons Adriaensen <[hidden] at linuxaudio dot org>
To	[hidden] at lists dot jackaudio dot org
In-Reply-To	Fernando Lopez-Lezcano Re: [Jack-Devel] jack - audio group - package install
Follow-Up	Fernando Lopez-Lezcano Re: [Jack-Devel] jack - audio group - package install

On Tue, Jan 24, 2012 at 01:47:32PM -0800, Fernando Lopez-Lezcano wrote:

> Ideally you install an extra package that has a suitable configuration  
> file and only users that login physically to the computer would be  
> granted rt access and only during the duration of the login (if users  
> are switched, permissions follow the currently active user, etc, etc).

That would be IMHO not be the ideal but the worst solution.

A few things to consider:

* If a bunch of users, all locally logged in, sitting within a few
decimeters of each other and having a good time switching who is
'active' while drinking beers and eating pizza can't agree on who
is using the soundcard, or if one of them fancies blowing up the
system by running a rogue realtime application, then there is a
much bigger problem, and it's not a technical one. Maybe some
therapy or psychofarmaca would help in such cases. Any talk about
'security' in such a scenario is completely pointless.

* What is wrong with real-time privileges anyway ? OSX grants them
to all users. There are lots of other ways to create havoc anyway.
Just pull out the power plug for example. And on any recent system
you can't block a system by abusing RT.

* Security starts with awareness, and requires taking on individual
responsability and knowing how to do that. Anything else is not
security but just an illusion of it. If a user can't be bothered to
add himself to the 'audio' group when told to do so by a post-install
message, not even when his fancy desktop provides a dummy-aware app to
do it and maybe it even pops up automagically, then let's accept that
such a user is beyond repair and so be it. Why should anyone care about
that, unless that anyone's aim is to ensure that that the user *remains*
incompetent to take things into his/her own hands.

The day when, setting up a system, I'm forced to spend any considerable
time on disabling or bypassing parallel and therefore useless 'security'
systems such as polkit and consolekit, or default settings that assume
brainless users, I will say goodbey to Linux and everyting associated
with it. 

Ciao,

-- 
FA

Vor uns liegt ein weites Tal, die Sonne scheint - ein Glitzerstrahl.

Prev	Next Index

1327447627.30982_0.ltw:2,a <20120124232644.GA9586 at linuxaudio dot org>