Opened 13 years ago
Closed 12 years ago
#2554 closed defect (invalid)
Mythbrowser will not run with suid on binary
| Reported by: | anonymous | Owned by: | Isaac Richards |
|---|---|---|---|
| Priority: | minor | Milestone: | unknown |
| Component: | mythbrowser | Version: | 0.20 |
| Severity: | medium | Keywords: | |
| Cc: | Ticket locked: | no |
Description
If you use real time scheduling on the frontend MythBrowser? fails with
The KDE libraries are not designed to run with suid privileges.
Unfortunately for timely display of video frames this "chmod g+s" on the binary is a must - especially when watching widescreen football (cron jobs make players a little jerky otherwise).
Yours,
Karl Royer
Change History (4)
comment:1 Changed 13 years ago by
| Resolution: | → worksforme |
|---|---|
| Status: | new → closed |
comment:2 follow-up: 3 Changed 12 years ago by
| Resolution: | worksforme |
|---|---|
| Status: | closed → new |
This might be a documentation bug. I experienced this "bug" with the 0.21-fixes.
I never setuid on mythbrowser: -rwxr-xr-x 1 root root 94144 2008-04-21 21:33 /usr/local/bin/mythbrowser
However, after installing the mythbrowser plugin I would receive this message in my mythfrontend log when trying to launch a mythbrowser through the frontend (from the command line it worked fine): The KDE libraries are not designed to run with suid privileges.
This was how the mythfrontend suid bits were set as per the howto (chmod a+s): -rwsr-sr-x 1 root root 1539812 2008-03-25 03:10 /usr/local/bin/mythfrontend
This doesn't work. When I switch to using just 'chmod u+s' both mythbrowser and realtime priority threads work: -rwsr-xr-x 1 root root 1539812 2008-03-25 03:10 /usr/local/bin/mythfrontend
Should a documentation ticket be opened to correct this in the howto? Is there any downside to now providing the setguid bit?
comment:3 Changed 12 years ago by
Replying to jon@tangentrix.com:
Should a documentation ticket be opened to correct this in the howto?
Probably not worth the effort since MythBrowser?? in 0.22 will hopefully be replaced with something using WebKit?? in Qt4. Although it will need Qt4.5 to be really usable I believe so it may be a long wait :-(
Is there any downside to now providing the setguid bit?
No idea.
comment:4 Changed 12 years ago by
| Resolution: | → invalid |
|---|---|
| Status: | new → closed |
Are you setting suid on both mythfrontend and mythbrowser? There is no point setting it on mythbrowser and doing so would be a very bad idea due to the security implications.
I've just give this a try by only setting suid only on mythfrontend and everything seemed to work as expected. At least I get the "Using realtime priority" message and mythbrowser works fine.
There are better/more secure ways to increase the priority of the video playback threads see the "Enabling real-time scheduling of the display thread" section from http://www.mythtv.org/docs/mythtv-HOWTO-5.html