ratchov@ modified sys/dev/audio.c: Add a "record.enable" mixer knob to control recording. When recording is disabled, the device records silence. The control may be modified only by root and defaults to "off", ie. recording is disabled by default. ok florian, deraadt
But it sounds like fs/user permissions can't be used to control access... At least not without some daemon emulating them in userspace.
-
-
There were a lot of private discussions leading up to this particular design, for OpenBSD libsndio is considered the low level API for sound and not the kernel audio(4) interface, this is very different from say ALSA. Applications never directly open the audio device.
-
Right. Linux has lots of bad security models too that throw away permission system in favor of complex userspace policy (dbus, polkit, pulseaudio, etc.)
-
If a daemon is used, it literally should just use permissions on unix socket paths for access control.
-
Again I'm not too familiar, but I believe it's more complicated then that. sndiod(8) is privsep on OpenBSD, and runs under separate users (_sndio/_sndiop). It uses a cookie for access control. http://man.openbsd.org/sndio#AUTHENTICATION …
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.