[pulseaudio-discuss] My computer thinks I'm schizophrenic, is PA for me?

Jan Braun janbraun at gmx.de
Mon Apr 19 09:09:23 PDT 2010

Lennart Poettering schrob:
> On Sat, 17.04.10 16:42, Jan Braun (janbraun at gmx.de) wrote:
> > Hmm, why not? I've set up PA as you describe (except for the additional
> > auth-group parameter), and PA is creating entries in /dev/shm , even for
> > other users than "albert".
> The PA client libs always allocate their memory from an shm region,
> regardless whether it is later used for data transfer or not.

Yep, and I get:

| D: protocol-native.c: Protocol version: remote 16, local 16
| I: protocol-native.c: Got credentials: uid=1002 gid=1002 success=1
| D: protocol-native.c: SHM possible: yes
| D: protocol-native.c: Negotiated SHM: no

So this looks like 2392 in protocol-native.c :

| /* Only enable SHM if both sides are owned by the same
|  * user. This is a security measure because otherwise data
|  * private to the user might leak. */
| const pa_creds *creds;
| if (!(creds = pa_pdispatch_creds(pd)) || getuid() != creds->uid)
|   do_shm = FALSE;

...and you're explicitly disallowing cross-user shm transfer. :(
I guess I'll have to figure out the security implications of messing
with that.

()  ascii ribbon campaign - against html e-mail
/\  www.asciiribbon.org   - against proprietary attachments
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.freedesktop.org/archives/pulseaudio-discuss/attachments/20100419/dd71885a/attachment.pgp>

More information about the pulseaudio-discuss mailing list