From: "Ted Ts'o" <tytso@mit.edu>
To: Ludwig Nussel <ludwig.nussel@suse.de>
Cc: util-linux@vger.kernel.org
Subject: Re: [PATCH 2/4] uuid: implement uuid_generate_random_safe
Date: Thu, 16 Jun 2011 22:15:17 -0400 [thread overview]
Message-ID: <20110617021517.GC29725@thunk.org> (raw)
In-Reply-To: <1308232779-21018-2-git-send-email-ludwig.nussel@suse.de>
On Thu, Jun 16, 2011 at 03:59:37PM +0200, Ludwig Nussel wrote:
> +int uuid_generate_random_safe(uuid_t out)
> +{
> + int num = 1;
> + /* No real reason to use the daemon for random uuid's -- yet */
Note that amongst some distributions, there is a very strong
resistance against using the uuidd daemon. Partially because it's
"yet another daemon", partially because any long-running daemon has to
get extra review/auditing because for potential security problems,
etc.
Also please note that there's only *one* user of the uuid library, the
proprietary SAP R/3 system, that generates enough uuids, and with a
high enough frequency, where "safety" has ever been an issue. Most of
the time, people simply aren't generating uuid's at the rate of
thousands a second. So I'm really not convinced it's a good idea to
assume that the uuidd daemon will *always* be installed, let alone be
running, and the wholesale deprecation of the existing interfaces
(which are compatible with interfaces used by a number of other
operating systems, BTW), just because there is this idea that the
exsting interfaces are "unsafe". Really, they're not.
- Ted
next prev parent reply other threads:[~2011-06-17 2:15 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-06-16 13:59 [PATCH 1/4] uuidgen: fail if uuidd isn't running Ludwig Nussel
2011-06-16 13:59 ` [PATCH 2/4] uuid: implement uuid_generate_random_safe Ludwig Nussel
2011-06-16 15:54 ` Karel Zak
2011-06-17 2:15 ` Ted Ts'o [this message]
2011-06-17 7:37 ` Ludwig Nussel
2011-06-20 11:45 ` Theodore Tso
2011-06-16 13:59 ` [PATCH 3/4] uuid: use new functions by default Ludwig Nussel
2011-06-20 10:35 ` Karel Zak
2011-06-16 13:59 ` [PATCH 4/4] update manpage Ludwig Nussel
2011-06-16 15:38 ` [PATCH 1/4] uuidgen: fail if uuidd isn't running Karel Zak
2011-06-17 2:07 ` Ted Ts'o
2011-06-20 10:45 ` Karel Zak
2011-06-20 12:18 ` Ludwig Nussel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110617021517.GC29725@thunk.org \
--to=tytso@mit.edu \
--cc=ludwig.nussel@suse.de \
--cc=util-linux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.