[apparmor] [PATCH 1/3] Allow Totem to read /etc/wildmidi/wildmidi.cfg.
Seth Arnold
seth.arnold at canonical.com
Wed Oct 23 17:57:51 UTC 2013
On Wed, Oct 23, 2013 at 10:21:01AM +0200, intrigeri wrote:
> > FYI, I don't think this needs to be done now, but I've found the audio
> > abstraction a bit wide in modern distributions and I will probably be proposing
> > a patch set in the future that breaks both gstreamer and pulseaudio out into
> > their own abstractions, and have audio #include them.
>
> Full ACK. Security put aside, this could also help discovering
> interesting discrepancies (e.g. in volume handling), I mean
> unsuspected cases where components of a modern DE access raw sound
> devices instead of using the relevant abstraction layer.
I can hardly be surprised, finding the correct layer is difficult:
http://blogs.adobe.com/penguinswf/2007/05/welcome_to_the_jungle.html
And even with the correct layers in place, we still have some pretty
serious problems with sound controls:
http://www.openwall.com/lists/oss-security/2013/10/22/6
I've got a vague feeling I started the abstractions/audio file and I
certainly didn't understand the audio landscape as well then as I do now
-- which ought to say something.
Breaking apart the abstraction to enforce some decency would be wonderful.
Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20131023/67226a1a/attachment.pgp>
More information about the AppArmor
mailing list