fedora-atomic discussion point: /usr/lib/passwd

Colin Walters walters at verbum.org
Mon Apr 28 17:15:59 UTC 2014

On Mon, Apr 28, 2014 at 12:45 PM, Tomasz Torcz <tomek at pipebreaker.pl> 
>   Risking being totally offtopic, but would TCB solve all most of 
> this issues?
> www.openwall.com/tcb/  or 
> http://www.openwall.com/presentations/Owl/mgp00020.html

It helps a little, but the problem here is not exactly about the 
underlying data format, but more about the merge/upgrade logic, which 
TCB by itself doesn't quite solve.

We would still need logic somewhere (likely ostree), like today how it 
lives in RPM %post scripts to check whether users exist, and if not 
create them.  The binding between that logic and how the files get 
created on disk is the hard problem.

Also I originally thought TCB was a good idea, but I got less excited 
about it when I realized they'd just shifted setuid binaries to setgid. 
 To me it'd be far more valuable to go the whole way and have 
authentication/passwd talk to a system service.  Then you could even 
implement stuff like rate limiting sanely.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20140428/b8ea5ee5/attachment.html>

More information about the devel mailing list