So, I guess one could insert a check in the call to command_create_record_stream (src/pulsecore/protocol-native.c), that would deny access if trust-store says so. However, there is still a way around that. Any app that can access the shm file can potentially look at audio data currently streaming to *another* app, i e, malicious app Eve can see what PulseAlice sends to the legitmate app Bob. I'm not sure how much this SHM file is cleaned up (zeroed out) either, so there is a possibility the shm file contains old recorded data too.
As for PulseAudio clients telling PulseAudio to access random files on the file system, I don't think that's true, but I could have missed something. Could you be more specific about where this functionality lies and I'll have a closer look? As for the LED, any app with access to both the LED and PulseAudio should be able to do this. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1224756 Title: Pulseaudio should integrate with trust-store To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/1224756/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs