From Bugzilla Helper: User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0 Description of problem: The tvtime binary is installed setuid root. Is that wise ? AFAIK it is because it needs access to /dev/rtc Can that not be solved in some other way ? The last thing we need is a remote break-in over TV signals ;-) Is there really no other way for precise timing but /dev/rtc ? Version-Release number of selected component (if applicable): tvtime-0.9.13-1
yes, it's needed to set the max-user-freq on /dev/rtc. But I don't see it's critical because it will be dropped to a user after doing that.
in my opinion it's safe by removing setuid root. I will remove it in next rebuild. Perhaps adding "dev.rtc.max-user-freq = 1024" in /etc/sysctl.conf.