El jue, 12-05-2005 a las 18:46 +0100, Peter Wainwright escribiÃ: > > I don't see how you can run a per-user daemon without causing huge > wastage on a multi-user system. How does slocate do it? a system-wide > search that inserts security permissions in a database and then > respects
Without seeing the code, I feel like it uses access(1) to determine whether the user can access the file in the results. That's why it runs setuid. > them when responding to queries? That is probably the way to go, even > if it is difficult to get right. You will probably need some separation > of permissions in the setgid (or setuid) client part to keep the > dangerous stuff simple. > > Peter Wainwright > > > > > But, you know, you could fork and setuid()/setgid() to the calling user > > right before performing searches or other user-requested actions. > > > > > > > > That said, there is a lot to be gained by having a shared store for a > > > lot of interesting, publicly available system-wide data. Things like > > > launchers, man pages, etc. are definitely useful to the user. Right now > > > we're indexing those for each user, but this is obviously suboptimal. > > > We don't have a concrete plan for this right now, but there are a few > > > options: we could have an instance of the daemon running as user nobody > > > which monitors some interesting directories (like the man paths); we > > > could have a shared read-only index crawler ala updatedb run once a day > > > or so. But it's not something we've sat down and prototyped or > > > investigated in depth yet. > > > > You could also have a multiple-responsibility model: an indexer running > > as root (which is the only part in the model that would be vulnerable, > > and thus SS chose a managed language to write this in), a search daemon > > which downgrades its security credentials upon search. Postfix > > successfully uses this model. > > > > > > > > Joe -- Manuel Amador <[EMAIL PROTECTED]> Amauta _______________________________________________ gnome-devel-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/gnome-devel-list
