Re: Followup: opinions on Search services

From: "John (J5) Palmieri" <johnp martianrock com>
To: Peter Wainwright <prw ceiriog1 demon co uk>
Cc: gnome-devel-list gnome org
Subject: Re: Followup: opinions on Search services
Date: Thu, 12 May 2005 14:11:04 -0400

On Thu, 2005-05-12 at 18:46 +0100, Peter Wainwright wrote:
> On Tue, 2005-05-10 at 16:56 -0500, Manuel Amador wrote:
> > El mar, 26-04-2005 a las 23:32 -0400, Joe Shaw escribi� > > Hi,
> > > 
> > > On Tue, 2005-04-26 at 18:22 -0500, Manuel Amador wrote:
> > > > Oh, this is good.  Any plans to moving to a system-wide daemon model?
> > > 
> > > Moving to a solely system-wide model?  No.  The security implications of
> > > a daemon running as root that monitors all the files on the system can
> > > get hairy.  If you keep it per-user, then the security is fairly simple
> > > filesystem permissions.
> 
> I don't see how you can run a per-user daemon without causing huge
> wastage on a multi-user system.  How does slocate do it? a system-wide
> search that inserts security permissions in a database and then
> respects 
> them when responding to queries?  

A tool like this should not be a trusted component of the system.  We
have a very small amount of utilities that are trusted enough to enforce
their own permissions (mount for instance).  Having a search tool be a
trusted component of the system is wrong.  Let's not trade security for
resource conservation.

-- 
John (J5) Palmieri
Associate Software Engineer
Desktop Group
Red Hat, Inc.
Blog: http://martianrock.com

Follow-Ups:
- Re: Followup: opinions on Search services
  - From: Manuel Amador

References:
- Re: Followup: opinions on Search services
  - From: Manuel Amador
- Re: Followup: opinions on Search services
  - From: Peter Wainwright

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]