Hi Daniel, On Tue, 2022-07-26 at 15:50 -0700, Daniel Thornburgh via Elfutils-devel wrote: > I'm working on a use case for debuginfod (in LLVM) that needs a > solution > for authentication and authorization of users when accessing source and > debug information. I've put together a short RFC for how this might work, > based on how git and Docker CLIs handle credentials. It should be fairly > straightforward to implement and to generalize to new credential types. > > Please take a look; it'd be good to have a consensus on how this should > work across interested debuginfod implementations before moving forward > towards implementation.
I think this could work for a standalone program like debuginfod-find, but not for a library like libdebuginfod. I would rather not have to fork and exec from libdebuginfod. We don't really know in what state the program is and forking a big process is not cheap. The process might be watching its own children (like when libdebuginfod is used in a debugger or profiler) and suddenly get unexpected sigchilds or pids from wait. Can't this be handled through e.g. the underlying libcurl library by setting a proxy environment variable so the requests goes through a local proxy that is setup to do some kind of authentication transparently? Or by simply defining the base DEBUGINFOD_URL with https://user:p...@debuginfod.example.com/ ? Thanks, Mark
