On Sun, 2008-10-05 at 17:56 -0700, Arjan van de Ven wrote:
On Mon, 6 Oct 2008 02:48:46 +0200
Lennart Poettering <mzerqung(a)0pointer.de> wrote:
> On Sun, 05.10.08 20:29, Jon Masters (jonathan(a)jonmasters.org) wrote:
>
> > Hi,
> >
> > Can I suggest that we consider adding new desktop users on a fresh
> > install to pulse-rt by default? Or, put another way, does anyone
> > think this is a particularly bad idea to be doing?
>
> It's a security issue.
It's not a security issue if you're on a single user desktop/laptop, and
therefore something that could be configured up during installation. One
idea I had was to suggest having install "profiles" available - I'd love
to have an anaconda option I can click that will:
* Add me to sudoers automatically (first thing I do on every Fedora/RHEL
system, and the most annoying thing missing from a standard install)
* Add me to various groups useful to desktop self-admin, etc.
* (Disable SELinux policy with a vengeance :P)
> Unfortunately on Linux we don't have anything in place that
would
> allow "safe" usage of realtime features.
That's not true. You already have PolicyKit support and even look to see
if you have a policy. So that authorization could just be setup in
advance for pulseaudio if it's running on a desktop system.
There have been steps in the
> right direction (like real-time group scheduling, RLIMIT_RTTIME), but
> that is still a royal PITA to use or trivial to circumvent.
yeah it's better to not need realtime, and just have a good
enough
scheduler instead ;-)
I agree about the longer term.
Jon.