[systemd-devel] SD_BUS_VTABLE_CAPABILITY
Andy Lutomirski
luto at amacapital.net
Fri Apr 17 09:12:48 PDT 2015
On Apr 17, 2015 6:05 AM, "Cristian RodrÃguez" <crrodriguez at opensuse.org> wrote:
>
> On Fri, Apr 17, 2015 at 7:51 AM, Lennart Poettering
> <lennart at poettering.net> wrote:
>
> > Groups *suck* as authentication scheme. If you add one group for each
> > privilege you want, then you'll have a huge number of groups, and
> > that's hardly desirable. It's pretty close to being unmanagable with
> > user/group editors. Also, you can never take group membership away,
> > since users who once where members of group can create sgid binaries
> > which allows them to always return into that group forever.
>
> Not to mention, we are running out of system users and groups in
> distributions (if we didn't already) and some people want us to
> provide fixed UID/GID system users
> across distributions for clustering applications...this is a totally
> unworkable way forward.
I believe you're arguing that you think gids are a scarse resource, so
you want to save ~2 gids (certainly fewer than 64) by inventing a
whole new userspace authorization scheme using *caps* that doesn't
even solve the problem that you want to solve.
I'm not sure how this is supposed to justify anything. Caps are
probably the single least scalable authorization mechanism you could
come up with.
--Andy
More information about the systemd-devel
mailing list