Bug 41416 - reimplement hasher-priv using a client/server model
Summary: reimplement hasher-priv using a client/server model
Status: CLOSED FIXED
Alias: None
Product: Sisyphus
Classification: Development
Component: hasher-priv (show other bugs)
Version: unstable
Hardware: all Linux
: P5 enhancement
Assignee: Arseny Maslennikov
QA Contact: qa-sisyphus
URL: https://lore.altlinux.org/devel/20210...
Keywords:
Depends on:
Blocks: 41370
  Show dependency tree
 
Reported: 2021-11-23 14:59 MSK by Dmitry V. Levin
Modified: 2023-12-05 23:46 MSK (History)
4 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Dmitry V. Levin 2021-11-23 14:59:10 MSK
Let's rewrite hasher-priv into a privileged daemon operating in response to requests from unprivileged client processes.

This would allow us, among other benefits, to get rid of set-uid root executable thus making the tool suitable for no_new_privs environments, and, consequently, to use hasher inside hasher chroot.
Comment 1 AEN 2021-11-23 15:19:06 MSK
Повышаю до Normal ввиду важности темы.
Comment 2 Dmitry V. Levin 2021-11-23 15:26:18 MSK
(In reply to AEN from comment #1)
> Повышаю до Normal ввиду важности темы.

С формальной точки зрения это не ошибка, а новая фича, поэтому пусть всё-таки будет enhancement, эта категория не влияет на приоритеты.
Comment 3 Dmitry V. Levin 2023-12-05 23:46:38 MSK
Implemented in hasher-priv 2.0 more than a year ago.