On Fr, 28.01.22 12:25, Florian Weimer (fwei...@redhat.com) wrote: > >> One issue is that it's harder to prevent other users from doing execve > >> than it's denying them access to some IPC service. In this sense, SUID > >> programs are more robust. > > > > Well, that's precisely the problem that PK was supposed to address, > > but then it descended down the JS rabbit hole... > > Not sure if we are talking about the same thing. I meant flooding the > local socket (or similar) with requests, not access control.
Well, making socket services scalable is not entirely trivial, but i figure the number of parallel connections a Linux system should be able to handle is still higher than the number of processes it allows to run in parallel... Lennart -- Lennart Poettering, Berlin _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
