El mar, 26-04-2005 a las 23:32 -0400, Joe Shaw escribiÃ: > Hi, > > On Tue, 2005-04-26 at 18:22 -0500, Manuel Amador wrote: > > Oh, this is good. Any plans to moving to a system-wide daemon model? > > Moving to a solely system-wide model? No. The security implications of > a daemon running as root that monitors all the files on the system can > get hairy. If you keep it per-user, then the security is fairly simple > filesystem permissions.
But, you know, you could fork and setuid()/setgid() to the calling user right before performing searches or other user-requested actions. > > That said, there is a lot to be gained by having a shared store for a > lot of interesting, publicly available system-wide data. Things like > launchers, man pages, etc. are definitely useful to the user. Right now > we're indexing those for each user, but this is obviously suboptimal. > We don't have a concrete plan for this right now, but there are a few > options: we could have an instance of the daemon running as user nobody > which monitors some interesting directories (like the man paths); we > could have a shared read-only index crawler ala updatedb run once a day > or so. But it's not something we've sat down and prototyped or > investigated in depth yet. You could also have a multiple-responsibility model: an indexer running as root (which is the only part in the model that would be vulnerable, and thus SS chose a managed language to write this in), a search daemon which downgrades its security credentials upon search. Postfix successfully uses this model. > > Joe -- Manuel Amador <[EMAIL PROTECTED]> Amauta _______________________________________________ gnome-devel-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/gnome-devel-list
