Re: Followup: opinions on Search services

El jue, 12-05-2005 a las 14:11 -0400, John (J5) Palmieri escribió:

> A tool like this should not be a trusted component of the system.  We
> have a very small amount of utilities that are trusted enough to enforce
> their own permissions (mount for instance).  Having a search tool be a
> trusted component of the system is wrong.  Let's not trade security for
> resource conservation.

The indexer is the trusted component, and thus it is written in a
managed language to minimize the chance for exploits (that's why a tooll
like Medusa could never ever be trusted).  The search component is not.
I have been planning to drop root creds as soon as a search is received,
but haven't found a way to do so cleanly, and moreover the project is on
the back burner due to my job =(.

Manuel Amador <rudd-o amautacorp com>

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]