Ted Ts'o wrote:
> On Thu, Jun 16, 2011 at 03:59:37PM +0200, Ludwig Nussel wrote:
> > +int uuid_generate_random_safe(uuid_t out)
> > +{
> > + int num = 1;
> > + /* No real reason to use the daemon for random uuid's -- yet */
>
> Note that amongst some distributions, there is a very strong
> resistance against using the uuidd daemon. Partially because it's
> "yet another daemon", partially because any long-running daemon has to
> get extra review/auditing because for potential security problems,
> etc.
Yes, that concerns us too. However I'd rather have uuidd running all
the time, started in a clean environment rather than making it
getuid/setgid. A third option would be to make uuidd startable via
inetd.
> Also please note that there's only *one* user of the uuid library, the
> proprietary SAP R/3 system, that generates enough uuids, and with a
> high enough frequency, where "safety" has ever been an issue. Most of
> the time, people simply aren't generating uuid's at the rate of
> thousands a second.
I can't judge. We got quite some pressure to set the setuid bit on
uuidd by default because 'several customers' demand it. Making the
interface more explicitly require uuidd would defeat arguments that
an application and the admin can't even notice there's a problem.
cu
Ludwig
--
(o_ Ludwig Nussel
//\
V_/_ http://www.suse.de/
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg)
--
To unsubscribe from this list: send the line "unsubscribe util-linux" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
