fedora-atomic discussion point: /usr/lib/passwd
simo at redhat.com
Mon Apr 28 17:39:39 UTC 2014
On Mon, 2014-04-28 at 17:15 +0000, Colin Walters wrote:
> On Mon, Apr 28, 2014 at 12:45 PM, Tomasz Torcz <tomek at pipebreaker.pl>
> > Risking being totally offtopic, but would TCB solve all most of
> > this issues?
> > www.openwall.com/tcb/ or
> > http://www.openwall.com/presentations/Owl/mgp00020.html
> It helps a little, but the problem here is not exactly about the
> underlying data format, but more about the merge/upgrade logic, which
> TCB by itself doesn't quite solve.
> We would still need logic somewhere (likely ostree), like today how it
> lives in RPM %post scripts to check whether users exist, and if not
> create them. The binding between that logic and how the files get
> created on disk is the hard problem.
> Also I originally thought TCB was a good idea, but I got less excited
> about it when I realized they'd just shifted setuid binaries to setgid.
> To me it'd be far more valuable to go the whole way and have
> authentication/passwd talk to a system service. Then you could even
> implement stuff like rate limiting sanely.
We can do that with SSSD, which we are planning to take over all users
(though it will leave /etc/passwd on the system for emergency repair and
Simo Sorce * Red Hat, Inc * New York
More information about the devel