Bug 347822

Summary: AUDIT-0: PulseAudio permissions
Product: [openSUSE] openSUSE 11.0 Reporter: Rodrigo Moya <rodrigo>
Component: SecurityAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P5 - None CC: krahmer, meissner, security-team, tiwai
Version: Alpha 2   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard: CVE-2008-0008: CVSS v2 Base Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Rodrigo Moya 2007-12-11 22:12:15 UTC 
I just submitted a new pulseaudio package, from http://download.opensuse.org/repositories/home:/rodrigomoya:/pulseaudio/ and came to the /usr/bin/pulseaudio which, as we found in the Fedora package, needs special SUID permissions to be run as a system daemon for all users. We are yet not 100% sure this is needed, since the first version of the package from Takashi didn't need this, but it might be needed for multi-user environments AFAIK.

Need auditing from security team
Comment 1 Thomas Biege 2007-12-12 06:32:50 UTC 
System daemons should be started during boot-up therefore no setuid is needed.
Comment 2 Marcus Meissner 2007-12-12 08:34:49 UTC 
a very brief look at PulseAudio shows that it uses the setuid root
only for getting the CAP_SYS_NICE capability and then drops the setuid
things. (although badly, without return value checking *sigh*)

So it is user-based, but with setuid root for switching to realtime/fifo
scheduliong (haven't looked for the code).

having it without setuid root 755 now will work fine for testing while we
review and report bugs.
Comment 5 Sebastian Krahmer 2008-04-23 07:30:51 UTC 
anything happened here?
Comment 6 Thomas Biege 2008-11-10 08:35:36 UTC 
closing
Comment 7 Thomas Biege 2009-10-14 01:51:08 UTC 
CVE-2008-0008: CVSS v2 Base Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)