On Nov 23, 2016 8:11 AM, "Stephen John Smoogen" <smooge@xxxxxxxxx> wrote:
>
> On 23 November 2016 at 09:36, Michael Catanzaro <mcatanzaro@xxxxxxxxx> wrote:
> > On Wed, 2016-11-23 at 09:39 +0100, Florian Weimer wrote:
> >>
> >> What about the larger picture? Can tracker be made optional again
> >> for the GNOME desktop?
> >>
> >> Thanks,
> >> Florian
> >
> > No, many of our core applications depend on tracker to be able to see
> > files, and others (e.g. nautilus) use tracker to make search not take
> > forever. I don't think we'll support running without tracker anytime
> > soon. If someone wants to work on splitting little-used GStreamer
> > plugins into subpackages or sandboxing tracker miners (e.g. maybe with
> > SELinux?) that would be a more practical way forward.
>
> In that case, I expect that we are going to be doing cleanups over and
> over again. Because while this time it is GStreamer it could have been
> any one of the myriad other helpers pulled in. The bigger problem is
> that the two major defenses of ASLR and DEP can be gotten past. That
> will have effects on any security decisions that have thought "too
> hard to do realistically so we rely on that".
>
>
Can we leave tracker enabled but disable literally every miner? AFAIK the mandatory uses of tracker only care about filenames and don't need contents at all.

I would go even farther and argue that Fedora should not, by default, ever enable a miner that isn't running in *strict* seccomp mode. If that means that cat pictures aren't identified as such, so be it. And if it means that several Fedora releases go by with a less functional search, that's fine too.
--Andy
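
Added example, not part of the thread and not tracker's code: a sketch of what strict seccomp mode allows a content parser to do on Linux. The worker, its line-counting "extraction" and the `misbehave` switch are hypothetical; the parent queues the untrusted bytes on a pipe, and the child enters `SECCOMP_MODE_STRICT` before touching them, so only read, write, exit and sigreturn remain available to it.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <linux/seccomp.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical miner: counts lines in untrusted bytes from `in`, reports on `out`. */
static void worker(int in, int out, int misbehave)
{
    char buf[4096];
    long lines = 0;
    ssize_t n;
    /* From here on the kernel permits only read, write, exit and sigreturn. */
    if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_STRICT) != 0) syscall(SYS_exit, 2);
    if (misbehave) /* stand-in for a parser that has been taken over */
        syscall(SYS_openat, AT_FDCWD, "/etc/hostname", O_RDONLY);
    while ((n = read(in, buf, sizeof buf)) > 0)
        for (ssize_t i = 0; i < n; i++) lines += (buf[i] == '\n');
    if (write(out, &lines, sizeof lines) != (ssize_t)sizeof lines) syscall(SYS_exit, 3);
    syscall(SYS_exit, 0); /* glibc _exit() uses exit_group, which strict mode kills */
}

/* Returns the line count, -signal if the kernel killed the worker, -1000 on error. */
long run_miner(const char *data, size_t len, int misbehave)
{
    int to_w[2], from_w[2], status;
    long result = 0;
    if (pipe(to_w) || pipe(from_w)) return -1000;
    /* Input is queued before fork, so len must fit in the pipe buffer. */
    if (write(to_w[1], data, len) != (ssize_t)len) return -1000;
    close(to_w[1]);
    pid_t pid = fork();
    if (pid < 0) return -1000;
    if (pid == 0) { close(from_w[0]); worker(to_w[0], from_w[1], misbehave); }
    close(to_w[0]); close(from_w[1]);
    ssize_t n = read(from_w[0], &result, sizeof result);
    close(from_w[0]);
    if (waitpid(pid, &status, 0) != pid) return -1000;
    if (WIFSIGNALED(status)) return -WTERMSIG(status);
    return (n == (ssize_t)sizeof result && WEXITSTATUS(status) == 0) ? result : -1000;
}

int main(void)
{
    printf("benign: %ld, misbehaving: %ld\n",
           run_miner("a\nb\nc\n", 6, 0), run_miner("a\n", 2, 1));
    return 0;
}
```

The parent learns of the violation only through the worker's termination signal, so a caller has to treat a killed worker as "no metadata for this file" rather than retrying outside the sandbox.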