[vlc] Re: wxvlc, gtk, suid and real-time priority

[Michael Bender]

Vincent Lönngren wrote:

> I'm using wxvlc, and there is an option to allow vlc to run at real-time
> priority, which sounds very nice. It requires vlc to be run as root, of
> course. The problem is that if I chmod +s /usr/bin/vlc, vlc won't start,
> complaining that:
> 
> vincent at localhost:~$ vlc
> VLC media player 0.8.4-test2 Janus
> 
> (process:4486): Gtk-WARNING **: This process is currently running setuid
> or setgid.
> This is not a supported use of GTK+. You must create a helper
> program instead. For further details, see:
> 
>     http://www.gtk.org/setuid.html
> 
> Refusing to initialize GTK+.
> vincent at localhost:~$
> 
> Is there an easy way around this?

The *best* way is to send a message to the GTK+ team and tell
them that you don't want them making security decisions for
you. It is up to *you* to determine what level of security you
are comfortable with - the GTK+ team has absolutely NO BUSINESS
deciding this.

I quote from their missive:

   Sin #1 - Arrogance:

     Writing setuid and setgid programs using GTK+ is
     bad idea and will never be supported by the GTK+
     team.

   Sin #2 - Myopic View Of The World:

     In the opinion of the GTK+ team, the only correct
     way to write a setuid program with a graphical user
     interface is to have a setuid backend that communicates
     with the non-setuid graphical user interface via a
     mechanism such as a pipe and that considers the input
     it receives to be untrusted.

Opinions are fine- they are like a-------; everyone has one.
I just don't like it when people force their opinions on me.

mike

-- 
This is the vlc mailing-list, see http://www.videolan.org/vlc/
To unsubscribe, please read http://www.videolan.org/support/lists.html