[MPlayer-dev-eng] [PATCH] adjusting nice level from config/command line
Brian J. Murrell
c746c7b6c7d8fcfbfcf523eb4ba5788f at interlinx.bc.ca
Mon May 27 12:06:06 CEST 2002
On Mon, May 27, 2002 at 11:50:57AM +0200, Wojtek Kaniewski wrote:
>
> so what? i'm the only user of my workstation. no one else has an account
> here. no one else has physical access to the box. no one can log in from
> outside. so why should i bother about getting root from suid mplayer?
That is a very bad attitude. It is exactly that attitude that leads
to insecure software -- something that is plaguing MS right now.
If you are the only user on your workstation and you have the root
password then why don't you just run MPlayer as root instead of making
improper and insecure patches against MPlayer and submitting them for
hopes that they be included in the main source.
You may be a smart enough cookie to realize how insecure the
implementation is but a more naive user on a machine with multiple
user accounts may not realize it and go enabling software that makes
for a real easy job of r00ting his box.
b.
--
Brian J. Murrell
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/mplayer-dev-eng/attachments/20020527/28b84c51/attachment.pgp>
More information about the MPlayer-dev-eng
mailing list