On 12 November 2014 14:28, Jan Alexander Steffens <jan.steffens@gmail.com> wrote:
The approach of handing out real-time permissions via group or even to individual users isn't secure, as even the minimum RT priority of 1 can be used to DOS the system. We really want something else for future applications. Perhaps we can push systemd into adding a TODO to gain something similar to realtimekit for use by both applications and systemd user services.
You're absolutely right, especially if we're talking about other applications of real-time. The case with multimedia has been about single-user (sometimes offline) systems mostly, but with the proliferation of capable multimedia networked devices this can and will change. Nevertheless, these users presently would benefit from not being tied to the audio group. I remember there was an issue with systemd+pulseaudio where being in the group meant not being able to give up perms for user switching. I'm not sure how many users will complain if I just let them create this group instead of doing it for them (and reserving an ID, which I did before on a testing update but reverted). -- GPG/PGP ID: C0711BF1