[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Setuid programs
|
From: |
Christopher Lemmer Webber |
|
Subject: |
Re: Setuid programs |
|
Date: |
Sat, 14 Nov 2020 15:18:24 -0500 |
|
User-agent: |
mu4e 1.4.13; emacs 27.1 |
Ludovic Courtès writes:
> Hi,
>
> Gábor Boskovits <boskovits@gmail.com> skribis:
>
>> I have two reasons for that: backwards compatibility is really
>> important, so we should not break it, and I believe this would not be
>> hard to do.
>> On the other hand it would be nice to have a more integrated backend,
>> and move as many things into the services infrastructure as practical,
>> and I think this is a good candidate for that. Wdyt?
>
> There’s already ‘setuid-program-service-type’. I think the way forward
> would be to:
>
> 1. Define the <setuid-program> record type you propose.
>
> 2. Have ‘setuid-program-service-type’ accept that through its
> extensions. When it receives something else, it should
> transparently turn it into a <setuid-program> record, for backward
> compatibility, and emit a deprecation warning.
>
> 3. Document the OS ‘setuid-programs’ field as taking a list of such
> records.
>
> How does that sound?
>
> Thanks,
> Ludo’.
This sounds like a good plan. I'm taking a stab at it, but there's a
good chance I'll get it wrong, so review will be seriously needed.
Let's find out how I do!
- Re: Setuid programs, Christopher Lemmer Webber, 2020/11/07
- Re: Setuid programs,
Christopher Lemmer Webber <=