[Pianod] Problem with RasPi sound card access as user nobody

[Jimmy Pop]

I would just add root to the audio group, I dont see any malicious
implications in that.



On Thu, May 30, 2013 at 11:30 PM, Peter Li <chinasaurli at gmail.com> wrote:

>  Seems like we could have in addition to drop_root_privs a function that
> adds audio to the setgroups if it's not in getgroups or getgid already?  I
> believe this patch would make sense across Linux systems, but I think it
> doesn't make sense for Mac.  Should work to just check whether getgrnam
> returns anything for "audio" though?
>
>
>
> On 05/30/2013 11:05 PM, Peter Li wrote:
>
> If I hack settings.c, drop_root_privs to set gid to the audio gid instead
> of the nobody user gid (nogroup) it also works.
>
> So even though nobody is now set to be a member of the audio group, and
> pianod is getting setuid to nobody, it needs to have setgid audio instead
> of setgid nogroup to work.
>
> Now I notice that if I add root to the audio group and hack settings.c
> back to dropping to gid nogroup it also seems to work.  So apparently after
> pianod drops to nobody, it has:
>     1) uid of nobody
>     2) gid of nogroup
>     3) additional groups of /root/ not groups of /nobody/
>
> So I guess this is the expected behavior and I just didn't understand it.
> Should the fix just be to put root in the audio group?  Or should we try to
> change drop_root_privs so that it will take on the additional groups of
> nobody?
>
>
>
> _______________________________________________
> Pianod mailing list
> Pianod at lists.deviousfish.com
> http://lists.deviousfish.com/listinfo.cgi/pianod-deviousfish.com
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.deviousfish.com/pipermail/pianod-deviousfish.com/attachments/20130531/1b7d12c8/attachment-0003.htm>