From: Daniel Thornburgh <dthorn@google.com>
To: "Frank Ch. Eigler" <fche@redhat.com>
Cc: Mark Wielaard <mark@klomp.org>, elfutils-devel@sourceware.org
Subject: Re: debuginfod Credential Helper RFC
Date: Tue, 9 Aug 2022 11:13:42 -0700 [thread overview]
Message-ID: <CAEdiOyfqEcipwgW7omh2pw8vxLxpWSGGH2cRg0oQXB5rH-EfLQ@mail.gmail.com> (raw)
In-Reply-To: <20220808204143.GC16198@redhat.com>
On Mon, Aug 8, 2022 at 1:41 PM Frank Ch. Eigler <fche@redhat.com> wrote:
> So-so ... if the file contents are modified, but the environment
> variable that points to the file is fixed, then one may get into parse
> race conditions as different debuginfod client objects in the process
> may be active at the same time.
>
Ah, that's a good point. To support dynamic updates you'd need to
completely reload config for each query, which is prohibitive, and you may
get inconsistencies in behavior. So that just leaves file permissioning as
a use case.
>
> > [...] You could also do this more granularly:
> > DEBUGINFOD_HEADERS_FILES would work for us, and other lists could be
> > created for other dynamically controllable aspects of the system.
> > [...]
>
> I see some value in doing this sort of thing more broadly,
> hypothetically, but it's vague/speculative enough that I'd be just as
> glad to limit the concept to the present case ("also add all headers
> in given file"). So how about a $DEBUGINFOD_HEADERS and perhaps
> $DEBUGINFOD_HEADERS_FILE env vars for now?
>
Sounds good to me. If permissions are the only benefit to ..._FILE
environment variables, then headers are the only bit of config that it
makes sense to access control, so it makes sense as a special case.
--
Daniel Thornburgh | dthorn@google.com
prev parent reply other threads:[~2022-08-09 18:13 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-07-26 22:50 Daniel Thornburgh
2022-07-28 16:23 ` Mark Wielaard
2022-07-28 17:47 ` Daniel Thornburgh
2022-07-29 18:58 ` Mark Wielaard
2022-07-29 21:08 ` Daniel Thornburgh
2022-08-02 20:36 ` Daniel Thornburgh
2022-08-04 17:02 ` Mark Wielaard
2022-08-04 18:04 ` Daniel Thornburgh
2022-08-08 20:41 ` Frank Ch. Eigler
2022-08-09 18:13 ` Daniel Thornburgh [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAEdiOyfqEcipwgW7omh2pw8vxLxpWSGGH2cRg0oQXB5rH-EfLQ@mail.gmail.com \
--to=dthorn@google.com \
--cc=elfutils-devel@sourceware.org \
--cc=fche@redhat.com \
--cc=mark@klomp.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).