From: "Ted Ts'o" <tytso@mit.edu>
To: Ludwig Nussel <ludwig.nussel@suse.de>
Cc: util-linux@vger.kernel.org
Subject: Re: [PATCH 2/4] uuid: implement uuid_generate_random_safe
Date: Thu, 16 Jun 2011 22:15:17 -0400 [thread overview]
Message-ID: <20110617021517.GC29725@thunk.org> (raw)
In-Reply-To: <1308232779-21018-2-git-send-email-ludwig.nussel@suse.de>
On Thu, Jun 16, 2011 at 03:59:37PM +0200, Ludwig Nussel wrote:
> +int uuid_generate_random_safe(uuid_t out)
> +{
> + int num = 1;
> + /* No real reason to use the daemon for random uuid's -- yet */
Note that amongst some distributions, there is a very strong
resistance against using the uuidd daemon. Partially because it's
"yet another daemon", partially because any long-running daemon has to
get extra review/auditing because for potential security problems,
etc.
Also please note that there's only *one* user of the uuid library, the
proprietary SAP R/3 system, that generates enough uuids, and with a
high enough frequency, where "safety" has ever been an issue. Most of
the time, people simply aren't generating uuid's at the rate of
thousands a second. So I'm really not convinced it's a good idea to
assume that the uuidd daemon will *always* be installed, let alone be
running, and the wholesale deprecation of the existing interfaces
(which are compatible with interfaces used by a number of other
operating systems, BTW), just because there is this idea that the
exsting interfaces are "unsafe". Really, they're not.
- Ted
next prev parent reply other threads:[~2011-06-17 2:15 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-06-16 13:59 [PATCH 1/4] uuidgen: fail if uuidd isn't running Ludwig Nussel
2011-06-16 13:59 ` [PATCH 2/4] uuid: implement uuid_generate_random_safe Ludwig Nussel
2011-06-16 15:54 ` Karel Zak
2011-06-17 2:15 ` Ted Ts'o [this message]
2011-06-17 7:37 ` Ludwig Nussel
2011-06-20 11:45 ` Theodore Tso
2011-06-16 13:59 ` [PATCH 3/4] uuid: use new functions by default Ludwig Nussel
2011-06-20 10:35 ` Karel Zak
2011-06-16 13:59 ` [PATCH 4/4] update manpage Ludwig Nussel
2011-06-16 15:38 ` [PATCH 1/4] uuidgen: fail if uuidd isn't running Karel Zak
2011-06-17 2:07 ` Ted Ts'o
2011-06-20 10:45 ` Karel Zak
2011-06-20 12:18 ` Ludwig Nussel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110617021517.GC29725@thunk.org \
--to=tytso@mit.edu \
--cc=ludwig.nussel@suse.de \
--cc=util-linux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox