On Mon, 2014-04-28 at 17:15 +0000, Colin Walters wrote: > On Mon, Apr 28, 2014 at 12:45 PM, Tomasz Torcz <tomek@xxxxxxxxxxxxxx> > wrote: > > > > Risking being totally offtopic, but would TCB solve all most of > > this issues? > > www.openwall.com/tcb/ or > > http://www.openwall.com/presentations/Owl/mgp00020.html > > It helps a little, but the problem here is not exactly about the > underlying data format, but more about the merge/upgrade logic, which > TCB by itself doesn't quite solve. > > We would still need logic somewhere (likely ostree), like today how it > lives in RPM %post scripts to check whether users exist, and if not > create them. The binding between that logic and how the files get > created on disk is the hard problem. > > Also I originally thought TCB was a good idea, but I got less excited > about it when I realized they'd just shifted setuid binaries to setgid. > To me it'd be far more valuable to go the whole way and have > authentication/passwd talk to a system service. Then you could even > implement stuff like rate limiting sanely. We can do that with SSSD, which we are planning to take over all users (though it will leave /etc/passwd on the system for emergency repair and backward compatibility). Simo. -- Simo Sorce * Red Hat, Inc * New York -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
