satip server on port 554 unnecessarily limited to root only
At the moment it is only possible to start the satip server on port 554 when running as root. For security reasons, I do not want to give the whole tvheadend root privileges. But unfortunately I have to use port 554 instead of 9983, as for example my Panasonic TV as a satip client only works when tvheadend as satip server listens on port 554.
Instead, I would like to use mechanisms like authbind or setcap to use port 554 without being root. But this only works when the function satips_rtsp_port in server.c does not check against getuid()!=0 and change the port to 9983. I suggest printing only an information or warning message there. If tvheadend does not have the appropriate permissions (not being root or using any other mechanism), an error message will be printed later when trying to bind to port 554 anyway.
Updated by Andreas Tockhorn 3 months ago
I had some time to dive deeper into the topic of privilege separation. From my understanding, this would require a larger effort in changing the tvheadend sources. Furthermore, it still relies on starting as root, binding to port 554 and afterwards dropping root privileges. If this is not done appropriately, it might still cause a security flaw. In addition, I cannot really imagine what the correct point in time is at which the privileges can be dropped, since the satip server can be reconfigured or activated at any time.
So I still suggest removing the limitation to being root and equipping the tvheadend binary with only that additional capability, e.g. by using sudo setcap CAP_NET_BIND_SERVICE=+eip /path/to/tvheadend-binary.
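Added example, not part of the original comments and not tvheadend code: one way a port-selection check could test for the CAP_NET_BIND_SERVICE capability granted by setcap instead of testing getuid()!=0. The function names and the sample status text are assumptions made for illustration; the ports 554 and 9983 are the ones named in this issue.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define CAP_NET_BIND_SERVICE_BIT 10   /* bit number from linux/capability.h */
#define RTSP_FALLBACK_PORT 9983       /* unprivileged port named in this issue */

/* Parse the text of /proc/<pid>/status and return 1 if the effective
 * capability mask (CapEff, hexadecimal) has CAP_NET_BIND_SERVICE set. */
int has_net_bind_cap(const char *status_text)
{
    const char *p = status_text;
    while (p && *p) {
        if (strncmp(p, "CapEff:", 7) == 0) {
            /* strtoull skips the tab that follows the field name */
            unsigned long long mask = strtoull(p + 7, NULL, 16);
            return (int)((mask >> CAP_NET_BIND_SERVICE_BIT) & 1ULL);
        }
        p = strchr(p, '\n');   /* advance to the start of the next line */
        if (p)
            p++;
    }
    return 0;                  /* no CapEff line found: treat as not capable */
}

/* Hypothetical replacement for a uid-based check: keep a port below 1024
 * only when the process holds the capability. A root process with a full
 * capability set has the same bit set, so it is covered as well. */
int pick_rtsp_port(int requested, const char *status_text)
{
    if (requested >= 1024 || has_net_bind_cap(status_text))
        return requested;
    return RTSP_FALLBACK_PORT;
}

int main(void)
{
    char buf[8192] = "";
    FILE *f = fopen("/proc/self/status", "r");   /* Linux only */
    if (f) {
        size_t n = fread(buf, 1, sizeof(buf) - 1, f);
        buf[n] = '\0';
        fclose(f);
    }
    printf("RTSP port: %d\n", pick_rtsp_port(554, buf));
    return 0;
}
```

This check does not detect authbind, which grants the bind through a preloaded library and a helper program rather than through a process capability. Attempting the bind and reporting its error, as suggested above, covers every mechanism.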
Updated by Tim Bremer 3 months ago
> For security reasons
Well, 'security reasons' are in fact the reason why ports below 1024 are privileged.
Your request would be an exception to the rule, causing a lot of confusion for most of the users and ultimately resulting in many support requests in the forum.
> I do not want to give the whole tvheadend root privileges.
Do you have any idea how many programs have root privileges during the boot sequence?