Re: Followup: opinions on Search services

On Thu, 2005-05-12 at 18:46 +0100, Peter Wainwright wrote:
> On Tue, 2005-05-10 at 16:56 -0500, Manuel Amador wrote:
> > El mar, 26-04-2005 a las 23:32 -0400, Joe Shaw escribi� > > Hi,
> > > 
> > > On Tue, 2005-04-26 at 18:22 -0500, Manuel Amador wrote:
> > > > Oh, this is good.  Any plans to moving to a system-wide daemon model?
> > > 
> > > Moving to a solely system-wide model?  No.  The security implications of
> > > a daemon running as root that monitors all the files on the system can
> > > get hairy.  If you keep it per-user, then the security is fairly simple
> > > filesystem permissions.
> I don't see how you can run a per-user daemon without causing huge
> wastage on a multi-user system.  How does slocate do it? a system-wide
> search that inserts security permissions in a database and then
> respects 
> them when responding to queries?  

A tool like this should not be a trusted component of the system.  We
have a very small amount of utilities that are trusted enough to enforce
their own permissions (mount for instance).  Having a search tool be a
trusted component of the system is wrong.  Let's not trade security for
resource conservation.

John (J5) Palmieri
Associate Software Engineer
Desktop Group
Red Hat, Inc.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]