Re: [Tracker] FOSDEM submission proposal
- From: Philip Van Hoof <philip codeminded be>
- To: Ralph Böhme <rb netafp com>
- Cc: tracker-list gnome org
- Subject: Re: [Tracker] FOSDEM submission proposal
- Date: Fri, 10 Jan 2014 10:02:39 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ralph Böhme schreef op 9/01/2014 19:17:
Hi Philip
Am 09.01.2014 um 19:06 schrieb Philip Van Hoof
<philip codeminded be>:
Great! I may be attending. Fwiw, if things work out as
expected, Tracker will pave its way into large enterprise
environments, functioning as search engine backend for Samba.
:)
That's very cool to know! We're always very proud whenever we
learn that somebody is using our software for interesting
purposes and appliances.
I can mention this on the presentation if you and/or NetAFP want
that. If it's not sure yet then I can of course not to mention
it. Let me know.
of course you can mention that if you like. The new project of
integrating Tracker with Samba (for use as search engine backend
for Apple OS X SMB clients) will be made under the umbrella of my
new employer SerNet. Tracker integration with Netatalk [1], the
opensource AFP fileserver, was finished last year, then still by my
own company NetAFP.
Oh wow, those are very nice and interesting use-cases indeed. When you
asked about the D-Bus session vs. system stuff I of course realized
that you wanted to use it for this purpose, but that it is actually
already being used and implemented for Netatalk and that it will now
also pave its way into large enterprise environments is more than nice.
I reiterate that we don't trust the security of the many libraries
that we link with and that I think we should do sandboxing of the
tracker-extract process using containers or at least by dropping
priviledges with set(e)uid like what you proposed earlier.
I can imagine that large entrprise environments care a lot about
their file servers not being exploited by placing a carefully crafted
file on a writable share and letting tracker-extract's memory get
buffer overflowed while it runs as a priviledged user.
I know, repeating myself: it's worrying me ;-). Nonetheless it's a
very nice use-case and I feel proud for our team that our software is
being used for this.
-Ralph
[1]
<http://netatalk.sourceforge.net/3.1/htmldocs/configuration.html#idp139639144340800>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJSz7cuAAoJEEP2NSGEz4aDLFsIALq8Ai8Iwiai8o2nEAYIUwl6
MLxvxb7etdPnG6M2HRpDeeH2haJLmD64pUIGPWbKHPsRaZe5swHA9xSRpgovSkOF
dS2za/yi2o5Q2STr1EOp+RmnH0CeI5bZxqCnBiNd8LFTiLx63luMKiLlfhzVntRk
COdauu2n0bElttOLjKUajfvCRH2Hz/G1WQTGfkBqF1/hZ733gJtougxvua71wUJR
a1ZLZQo7ilSWBdbeR51hnanpuItR3rmR9JKRMdEmYz3OExfOmRGbKAnPvvoxcGHD
4Wb0T2O6F+0++1rNw5l1yTwEmBGVGgizSU4SLa+SQumBsQ2I9fY0Mj89Jj/cvwY=
=sGfS
-----END PGP SIGNATURE-----
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]