Re: Why most run Microsoft, not RedHat

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Zoltan Boszormenyi wrote:
Les Mikesell írta:
Zoltan Boszormenyi wrote:

He was a bit tricky to
use chattr +i on /bin/login and some other progs.
BTW, although rpm complained that it cannot replace
those, why isn't it prepared for such scenarios?
RPM is made for Linux, it should certainly know
about special filesystem flags and handle them.

How should rpm handle it? Rpm has no way of knowing why the
How?

1. be able to specify special flags in the specfile and apply them upon
install
2. detect if the filesystem doesn't handle such specials and make note
of it in the rpmdb
3. clear them before uninstalling or upgrading
4. detect if it was modified, report it with rpmv
    (skip this check if the rpmdb indicates it, see 2)


Why? What would the advantages be? Do they overcome the drawbacks of
rpm being able to change a file that you set the immutable flag on?

Mikkel

Yes, see 3.

What would be the point of having a special attribute if programs
can just ignore it?

What's the point of having a package manager if you can
overwrite everything by compiling from source or delete stuff?

What's the point of setting the immutable flag on a binary, doc or data
file that might - and eventually will - be replaced if you upgrade its package?

What's the point of handling Unix/SELinux permissions by rpm
if you can simply chmod/chown everything?

I ran out of rhetoric questions. :-)


It's all a matter of programmer-vs.-programmer wars to show who is in
control. You can compare it to the person who thought that the passwd program should only talk directly to a tty and that programs should not be able to use it. That lasted a few months - until another programmer wanted his program to be able to change passwords and wrote 'expect' to do it. A big waste of both people's time...

But your POV in the question above is wrong.
The point is to take advantage of something
where available.

Beg your pardon? The point of adding the immutable bit was so the file couldn't be changed by ordinary means. It is, again, a waste of both parties efforts as soon as someone adds the programming to bypass its attempt at control.

Actually, I have another rhetoric
question to back up my POV: what's the point of
supporting NX in the newer CPUs when you can
run the compiled kernel on older system where
the feature never activates?

For kernel features it isn't a rhetorical question. The answer is always that Linus wants it to be that way.

--
  Les Mikesell
   lesmikesell@xxxxxxxxx


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux