From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from gnu.wildebeest.org (gnu.wildebeest.org [45.83.234.184]) by sourceware.org (Postfix) with ESMTPS id 81C8238582AE for ; Thu, 4 Aug 2022 17:02:09 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 81C8238582AE Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=klomp.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=klomp.org Received: from tarox.wildebeest.org (83-87-18-245.cable.dynamic.v4.ziggo.nl [83.87.18.245]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by gnu.wildebeest.org (Postfix) with ESMTPSA id 4C3F5300B36D; Thu, 4 Aug 2022 19:02:08 +0200 (CEST) Received: by tarox.wildebeest.org (Postfix, from userid 1000) id 3749440007AE; Thu, 4 Aug 2022 19:02:07 +0200 (CEST) Message-ID: <025de8a2c25112e902cc330199b9d0ebb61fbaf6.camel@klomp.org> Subject: Re: debuginfod Credential Helper RFC From: Mark Wielaard To: Daniel Thornburgh Cc: elfutils-devel@sourceware.org Date: Thu, 04 Aug 2022 19:02:07 +0200 In-Reply-To: References: <7e442ae6d3be28043d3c3ecd8a66af011b8dd573.camel@klomp.org> <259802b4c23d488bbd68a5f50898f44e4258c530.camel@klomp.org> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Mailer: Evolution 3.28.5 (3.28.5-10.el7) Mime-Version: 1.0 X-Spam-Status: No, score=-5.5 required=5.0 tests=BAYES_00, JMQ_SPF_NEUTRAL, KAM_DMARC_STATUS, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: elfutils-devel@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Elfutils-devel mailing list List-Unsubscribe: , List-Archive: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Aug 2022 17:02:11 -0000 Hi Daniel, On Tue, 2022-08-02 at 13:36 -0700, Daniel Thornburgh via Elfutils-devel=20 wrote: > So, I put together a design with this approach, and it passed a security > review, so the approach broadly seems to work for us. >=20 > It came up in review that it'd be considerably more usable to have the > environment variable point to a file: DEBUGINFOD_HEADERS_FILE=3D. T= his > would avoid storing credentials in environment variables, and it would > allow you to set up the path to the header file in your shell config at t= he > beginning of a session. >=20 > Would this work for libdebuginfod? We'd also want to standardize on the > format of such a file; probably a newline-separated list of headers in th= e > format accepted by debuginfod_add_http_header()? I wonder if we should generalize that for other DEBUGINFOD_envs. But instead of adding more environment variables have a debuginfod control file like we already have for cache_clean_interval, max_unused_age and cache_miss. So as an alternative to setting any of the DEBUGINFOD_frob environment variables you could put an urls, cache_path, progress, verbose retry_limit, timeout, maxtime, maxsize or headers file under XDG_CONFIG_HOME (~/.config) debuginfod_client that would be used if the corresponding environment variable isn't set. The downside of course is that it would cause more file stats when creating a debuginfod_client handle, but the overhead is probably minimal especially if programs just reuse the debuginfod_client objects. Or maybe it should just be one control file that can have entries for all of the variables. Cheers, Mark