James Carlson wrote:
> Mayuresh Nirhali writes:
>   
>> Thanks to all who responded to this thread so far.
>> So, do we agree that dante cannot be integrated as is into Solaris?
>>     
>
> I can't speak for the others who responded, but I'm not in agreement
> with that.  I think it should integrate, and that it should run as
> EUID==0 so that it can use PAM.  If at all possible (and it certainly
> _should_ be possible), the daemon should be changed to give up as many
> privileges as it can.
>   
I was seeking input from the ARC members to see if dante will be 
accepted in Solaris '_as is_', i.e. without making major changes to this 
third party code. However, as discussed earlier, it did not seem like it 
is possible and I just wanted to confirm the same.

From what I understood in the discussion so far, dante, the way it is 
implemented today, should not be integrated for at least 2 reasons:
    1. PAM requires UID=0, and in turn gains all the privileges (more 
       than necessary for certain operations)
    2. It does not seem to conform to the Solaris PAM policy, as rightly 
       pointed out by Joep.

If we are considering changing the daemon then we will have to work with 
the community to have dante conform to the Solaris policies or simply 
have the dante daemon resolve the security concerns by giving up as many 
privileges as it can, as you mentioned. But the discussion also seems to 
indicate that there are certain aspects in Solaris that might need some 
work. I would appreciate more clarity/input on how we could proceed 
further with this?
> (If any of the members commenting believed that it couldn't be
> integrated at all or that it required changes that the project team
> was unwilling to agree to, then we have a process problem here.
> Fast-tracks can't be denied or have TCRs applied; that only happens
> with full cases, which means that a member needs to derail this in
> order to have a formal vote.)
>   
I was not aware of that. Thanks for bringing this up.
I don't think I can commit at this moment that the changes we propose 
will be accepted by the community. Please note that there is no 
evidence of any active development around this product currently, so 
interaction with the maintainers will at least slow down the process if 
not block it. Hence, there is no guarantee that our changes to dante 
will be accepted. I only filed this as a fast-track because the current 
version of the product seems to have a good user base and I was able to 
compile/run it fine on Solaris. Little did I know about the security 
issues then.
> (Are you maybe jumping the gun?  I suggest just reiterating exactly
> what you're intending to do in order to integrate, and asking if
> anyone wants to derail.)
>
>   
Not jumping the gun here. Just wanted to confirm if we all agree that 
the *current* implementation is not good enough for its integration into 
Solaris.

Again, if there is an agreement that there is no way to get dante 
integrated without changing the source code, then I will contact the 
maintainers to see if they can work with us to fix the security-related 
issues.

Best regards
Mayuresh

