From: Ludwig Nussel <ludwig.nussel@suse.de>
To: util-linux@vger.kernel.org, "Ted Ts'o" <tytso@mit.edu>
Subject: Re: [PATCH 2/4] uuid: implement uuid_generate_random_safe
Date: Fri, 17 Jun 2011 09:37:35 +0200
Message-ID: <201106170937.36082.ludwig.nussel@suse.de>
In-Reply-To: <20110617021517.GC29725@thunk.org>

Ted Ts'o wrote:
> On Thu, Jun 16, 2011 at 03:59:37PM +0200, Ludwig Nussel wrote:
> > +int uuid_generate_random_safe(uuid_t out)
> > +{
> > + int num = 1;
> > + /* No real reason to use the daemon for random uuid's -- yet */
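Review bot: The comment at the top of uuid_generate_random_safe() says there is no real reason to use the daemon for random UUIDs, so these lines do not show what the _safe suffix guarantees for the random case or what the int return value tells the caller. Suggest a comment above the function that states the return convention and whether this path can ever report an unsafe result, so callers know if the return value needs checking.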
>
> Note that amongst some distributions, there is a very strong
> resistance against using the uuidd daemon. Partially because it's
> "yet another daemon", partially because any long-running daemon has to
> get extra review/auditing for potential security problems,
> etc.

Yes, that concerns us too. However, I'd rather have uuidd running all
the time, started in a clean environment rather than making it
getuid/setgid. A third option would be to make uuidd startable via
inetd.

> Also please note that there's only *one* user of the uuid library, the
> proprietary SAP R/3 system, that generates enough uuids, and with a
> high enough frequency, where "safety" has ever been an issue. Most of
> the time, people simply aren't generating uuid's at the rate of
> thousands a second.

I can't judge. We got quite some pressure to set the setuid bit on
uuidd by default because 'several customers' demand it. Making the
interface more explicitly require uuidd would defeat arguments that
an application and the admin can't even notice there's a problem.

cu
Ludwig

--
(o_ Ludwig Nussel
//\
V_/_ http://www.suse.de/
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg)