BTW, Patrice, I was getting ready to integrate your last patch into the source today. It is very valuable and thanks for that.
I also would like to ask your help to get Elektra accepted in the Fedora Extras distro.
Can anybody tell me why we have a full ltdl library inside Elektra's source? Isn't it the OS responsability to provide one? Does Linux provide one by default ?
About 1 simple configuration file to define the default backend, seems a bit dirty for me. Anyway I think this idea should not be discarded yet.
Regards,
Avi
On 7/25/06, Patrice Dumas <[EMAIL PROTECTED]> wrote:
On Tue, Jul 25, 2006 at 03:09:56PM -0300, Avi Alkalay wrote:
> We discussed before how to define a default backend, the use of environment
> etc, and we found that and envvar is not secure enough. The other option was
Indeed it isn't right for setuid root apps.
> Do you have a better idea on how to define a default backend ?
A possibility would be to use a very simple config file which only holds
the name of the default backend.
However I have another idea, that may allow the use of the link for the
default backend that works with proper namespacing, and also could add
some security to elektra by limiting the locations where backends are
searched for.
The idea is to use only backends located in the backend directories,
namely /lib/elektra and /usr/lib/elektra, but resolve symlinks.
To achieve that, instead of giving to lt_dlopen the relative backend
filename, give it an absolute filename, prefixed with /lib/elektra or
/usr/lib/elektra, and with symlinks resolved.
(of course replace /lib/elektra and /usr/lib/elektra by $(backenddir) and
$(hlvlbackenddir) in the general case).
What do you think about that idea? It seems to me that not searching in
/lib and /usr/lib... adds some security.
--
Pat
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Registry-list mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/registry-list
