On Sun, Aug 16, 2015 at 6:32 PM, Matthew Miller <mattdm@xxxxxxxxxxxxxxxxx> wrote: > On Sun, Aug 16, 2015 at 02:03:38PM +0200, Lennart Poettering wrote: >> In general: encoding privilige policy into the API through binary >> paths is a really bad idea, as policy shouldn't be considered strict >> API (or to be more precise: it should be allowed to open up policy -- >> while of course not necessarily to close it down later on), but paths >> are. > > Yeah, that's why I was suggesting using it instead for things that > really have no business being in anyone's path, root or not, rather > than have it relate to privileges at all. But, again, only > halfheartedly. That's what libexec is for? Or you mean use it instead of libexec? -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
