SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Yep, showing to user at least a confirmation dialog is just about giving him the ability to chose, without babysitting him.
And after all, now after I read the SOMA's source code (as it is a script), I think that there are no security issues other than the ones introduced eventually by MPlayer itself.
BUT, its graphical interface, the GMPlayer can run well as root, with no warnings and bells, then if the MPlayer developers themselves are not so preoccupied by running their software as root, and MPlayer is officially shipped by Slackware, how about to leave the responsibility about the MPlayer issues just to those in measure and with interests about MPlayer security?
That's the delegation of the responsibility.
Long story short, what SOMA do, the user can do under root also with the pure MPlayer, the GMPlayer, or even clients like SMPlayer, for example.
So, the SOMA will introduce no additional security when it commit suicide as root even the user does not edit its forced exit.
Last edited by Darth Vader; 12-18-2017 at 02:33 PM.
I see your point. I'm just worried that something hideous will go wrong. Mistakes have been known to have been made in software before. See the purge_local function and think what fun could be had if the directories were -z or / or something.
I'm not thinking of a confirmation really for the clear screen, more a config option. Set by checkbox in the options menu.
I see your point. I'm just worried that something hideous will go wrong. Mistakes have been known to have been made in software before. See the purge_local function and think what fun could be had if the directories were -z or / or something.
I'm not thinking of a confirmation really for the clear screen, more a config option. Set by checkbox in the options menu.
I understand your position, but I think that nothing bad will/could happen, if you ensure that the "to be deleted" files would live in folders precisely named ".soma/genres" or ".soma/themes", even by mistake the SOMA looks to delete them directly from "/.soma/genres" or "/.soma/themes", which usually should not exists.
IF I will be worried about that particular problem, I would strongly ensure those path names conditions I said. I done many times in the past those things, under PHP, BTW...
Last edited by Darth Vader; 12-18-2017 at 05:12 PM.
Why do you want to run it as root anyway? Just stop!
Haha... you could add some option to bypass your root check. That way it's a nice reminder for those who may run as root without knowing why it's bad, but allows those who are aware of the consequences to be able to bypass it if needed/desired.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.