-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ralph Böhme schreef op 9/01/2014 19:17:
> Hi Philip
>
> Am 09.01.2014 um 19:06 schrieb Philip Van Hoof
> <phi...@codeminded.be>:
>>> Great! I may be attending. Fwiw, if things work out as
>>> expected, Tracker will pave its way into large enterprise
>>> environments, functioning as search engine backend for Samba.
>>> :)
>>
>>
>> That's very cool to know! We're always very proud whenever we
>> learn that somebody is using our software for interesting
>> purposes and appliances.
>>
>> I can mention this on the presentation if you and/or NetAFP want
>> that. If it's not sure yet then I can of course not to mention
>> it. Let me know.
>
> of course you can mention that if you like. The new project of
> integrating Tracker with Samba (for use as search engine backend
> for Apple OS X SMB clients) will be made under the umbrella of my
> new employer SerNet. Tracker integration with Netatalk [1], the
> opensource AFP fileserver, was finished last year, then still by my
> own company NetAFP.
Oh wow, those are very nice and interesting use-cases indeed. When you
asked about the D-Bus session vs. system stuff I of course realized
that you wanted to use it for this purpose, but that it is actually
already being used and implemented for Netatalk and that it will now
also pave its way into large enterprise environments is more than nice.
I reiterate that we don't trust the security of the many libraries
that we link with and that I think we should do sandboxing of the
tracker-extract process using containers or at least by dropping
priviledges with set(e)uid like what you proposed earlier.
I can imagine that large entrprise environments care a lot about
their file servers not being exploited by placing a carefully crafted
file on a writable share and letting tracker-extract's memory get
buffer overflowed while it runs as a priviledged user.
I know, repeating myself: it's worrying me ;-). Nonetheless it's a
very nice use-case and I feel proud for our team that our software is
being used for this.
> -Ralph
>
> [1]
> <http://netatalk.sourceforge.net/3.1/htmldocs/configuration.html#idp139639144340800>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJSz7cuAAoJEEP2NSGEz4aDLFsIALq8Ai8Iwiai8o2nEAYIUwl6
MLxvxb7etdPnG6M2HRpDeeH2haJLmD64pUIGPWbKHPsRaZe5swHA9xSRpgovSkOF
dS2za/yi2o5Q2STr1EOp+RmnH0CeI5bZxqCnBiNd8LFTiLx63luMKiLlfhzVntRk
COdauu2n0bElttOLjKUajfvCRH2Hz/G1WQTGfkBqF1/hZ733gJtougxvua71wUJR
a1ZLZQo7ilSWBdbeR51hnanpuItR3rmR9JKRMdEmYz3OExfOmRGbKAnPvvoxcGHD
4Wb0T2O6F+0++1rNw5l1yTwEmBGVGgizSU4SLa+SQumBsQ2I9fY0Mj89Jj/cvwY=
=sGfS
-----END PGP SIGNATURE-----
_______________________________________________
tracker-list mailing list
tracker-list@gnome.org
https://mail.gnome.org/mailman/listinfo/tracker-list
