Is your feature request related to a problem? Please describe.
Currently ReplaySorcery runs with root setuid which is very insecure.
Describe the solution you'd like
Split ReplaySorcery into two services. One that runs all the time and has root access to KMS, and another that runs on user login that connects to the first service to grab frames.
Describe alternatives you've considered
Over time the security of the setuid implementation has been improved but eventually this will have to be removed.
Additional context
Should the setuid method still be supported? And for how long?
What IPC method should we use? My first thought is Unix pipes since they're simple and allow sending file handles (which is needed for KMS).