slocate for OpenSolaris [LSARC/2008/447 FastTrack timeout 07/22/2008]
James Carlson
james.d.carlson at sun.com
Fri Jul 25 07:27:27 PDT 2008
Darren J Moffat writes:
> James Carlson wrote:
> > I'm on the fence on this one. The way it "fails safe" is that you
> > don't install it if you don't want it and/or you do care about ACLs.
>
> I don't think that is fair.
I do. The system doesn't install with any ACLs on anything. The
system itself doesn't depend on them.
What we have here isn't so much of a "security problem" as it is of a
feature incompatibility: you can either make use of ACLs on your
system, or you can use a "secure" global file indexer, but you can't
do both. The security issues crop up only as an artifact of the
incompatibility between these two; they're not inherent.
> It is the sysadmin that does the install
> but the end user's privacy that is leaked to other end users if their
> filenames are revealed by slocate.
I suspect that for many of the use-cases for slocate, those are
effectively the same person. That's part of the problem in trying to
be "Linux friendly" instead of building a unified system. It's hard
to determine which features can reasonably blow others out of the
water. :-/
--
James Carlson, Solaris Networking <james.d.carlson at sun.com>
Sun Microsystems / 35 Network Drive 71.232W Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677
More information about the opensolaris-arc
mailing list