Opened 13 years ago

Closed 12 years ago

#2554 closed defect (invalid)

Mythbrowser will not run with suid on binary

Reported by: anonymous Owned by: Isaac Richards
Priority: minor Milestone: unknown
Component: mythbrowser Version: 0.20
Severity: medium Keywords:
Cc: Ticket locked: no

Description

If you use real time scheduling on the frontend MythBrowser? fails with

The KDE libraries are not designed to run with suid privileges.

Unfortunately for timely display of video frames this "chmod g+s" on the binary is a must - especially when watching widescreen football (cron jobs make players a little jerky otherwise).

Yours,

Karl Royer

Change History (4)

comment:1 Changed 13 years ago by paulh

Resolution: worksforme
Status: newclosed

Are you setting suid on both mythfrontend and mythbrowser? There is no point setting it on mythbrowser and doing so would be a very bad idea due to the security implications.

I've just give this a try by only setting suid only on mythfrontend and everything seemed to work as expected. At least I get the "Using realtime priority" message and mythbrowser works fine.

There are better/more secure ways to increase the priority of the video playback threads see the "Enabling real-time scheduling of the display thread" section from http://www.mythtv.org/docs/mythtv-HOWTO-5.html

comment:2 Changed 12 years ago by jon@…

Resolution: worksforme
Status: closednew

This might be a documentation bug. I experienced this "bug" with the 0.21-fixes.

I never setuid on mythbrowser: -rwxr-xr-x 1 root root 94144 2008-04-21 21:33 /usr/local/bin/mythbrowser

However, after installing the mythbrowser plugin I would receive this message in my mythfrontend log when trying to launch a mythbrowser through the frontend (from the command line it worked fine): The KDE libraries are not designed to run with suid privileges.

This was how the mythfrontend suid bits were set as per the howto (chmod a+s): -rwsr-sr-x 1 root root 1539812 2008-03-25 03:10 /usr/local/bin/mythfrontend

This doesn't work. When I switch to using just 'chmod u+s' both mythbrowser and realtime priority threads work: -rwsr-xr-x 1 root root 1539812 2008-03-25 03:10 /usr/local/bin/mythfrontend

Should a documentation ticket be opened to correct this in the howto? Is there any downside to now providing the setguid bit?

comment:3 in reply to:  2 Changed 12 years ago by paulh

Replying to jon@tangentrix.com:

Should a documentation ticket be opened to correct this in the howto?

Probably not worth the effort since MythBrowser?? in 0.22 will hopefully be replaced with something using WebKit?? in Qt4. Although it will need Qt4.5 to be really usable I believe so it may be a long wait :-(

Is there any downside to now providing the setguid bit?

No idea.

comment:4 Changed 12 years ago by paulh

Resolution: invalid
Status: newclosed
Note: See TracTickets for help on using tickets.