[MIR] rtkit
Bug #396396 reported by
Luke Yelavich
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
rtkit (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
RealtimeKit is a D-Bus system service that changes the scheduling policy of user processes/threads to SCHED_RR (i.e. realtime scheduling mode) on request. It is intended to be used as a secure mechanism to allow real-time scheduling to be used by normal user processes.
It will be used as a runtime dependency of pulseaudio to allow pulseaudio to get high priority for audio playback.
http://
affects ubuntu/rtkit
subscribe ubuntu-mir
Changed in rtkit (Ubuntu): | |
assignee: | nobody → Kees Cook (kees) |
summary: |
- Main inclusion request for rtkit. + [MIR] rtkit |
To post a comment you must log in.
CAP_SYS_PTRACE is extremely powerful, and seems to only be used for debugging (reporting which executable was made RT). I would prefer that CAP_SYS_PTRACE was not included in the capabilities for this daemon. I do like that is chroots itself, though.
Additionally, I would prefer that it drop privileges earlier -- it opens syslog, dbus, etc before dropping privs. Can priv-dropping be moved earlier?