[pulseaudio-discuss] [PATCH v3 00/11] Introduce memfd support
Tanu Kaskinen
tanuk at iki.fi
Thu Mar 24 10:04:10 UTC 2016
On Thu, 2016-03-24 at 00:38 +0200, Ahmed S. Darwish wrote:
> A benefit for transforming the global mempool to memfds by
> default now is that a follow-up patch can be quickly developed
> to statically remove POSIX SHM support through a
> --disable-posix-shm configure flag.
>
> Doing so, we can build a memfd-only libpulse version that can be
> bundled in xdg-app runtimes going forward .. [1] [2]
What's the purpose of disabling posix-shm in xdg-app runtimes? If the
purpose is to prevent applications from doing malicious things, nothing
prevents the application from bundling its own version of libpulse.
Security is only achieved by blocking posix-shm in the server.
--
Tanu
More information about the pulseaudio-discuss
mailing list