From: Rich Freeman
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] Questions about SystemD and OpenRC
Date: Thu, 9 Aug 2012 15:54:48 -0400

On Thu, Aug 9, 2012 at 2:44 PM, Canek Peláez Valdés wrote:
> On Thu, Aug 9, 2012 at 3:42 AM, Luca Barbato wrote:
> [snip]
>> Repeat after me: having your first process require anything more than
>> libc is stupid and dangerous.
>
> No, it's not. You can (and should) depend on whatever libraries help
> to achieve the desired goals. If one of the libraries has a bug, guess
> what? It should be fixed.

Look, there is a balance here. This isn't really the thread to discuss it, but there is a balance between having your only password-reset UI being the passwd program, and having a 2MB suid root X11 application like IRIX. Most sane solutions today just have a non-root front-end, that calls a small well-audited suid app (perhaps just passwd).

Sure, fixing bugs should be admired, but planning to be robust even in the face of future unknown bugs is the bedrock of secure software.

Rich