On Mon, Aug 8, 2022 at 1:41 PM Frank Ch. Eigler wrote:
> So-so ... if the file contents are modified, but the environment
> variable that points to the file is fixed, then one may get into parse
> race conditions as different debuginfod client objects in the process
> may be active at the same ti
Hi -
> [...] I could also see file-based config being useful if some
> aspect of the debuginfod configuration can change from
> moment-to-moment. Environment variables could be used for that, but
> it would require either changing those variables in the calling
> shell or wrapping each debuginfod
On Thu, Aug 4, 2022 at 10:02 AM Mark Wielaard wrote:
> I wonder if we should generalize that for other DEBUGINFOD_envs. But
> instead of adding more environment variables have a debuginfod control
> file like we already have for cache_clean_interval, max_unused_age and
> cache_miss.
>
> So as an
Hi Daniel,
On Tue, 2022-08-02 at 13:36 -0700, Daniel Thornburgh via Elfutils-devel
wrote:
> So, I put together a design with this approach, and it passed a security
> review, so the approach broadly seems to work for us.
>
> It came up in review that it'd be considerably more usable to have the
So, I put together a design with this approach, and it passed a security
review, so the approach broadly seems to work for us.
It came up in review that it'd be considerably more usable to have the
environment variable point to a file: DEBUGINFOD_HEADERS_FILE=. This
would avoid storing credentials
On Fri, Jul 29, 2022 at 11:58 AM Mark Wielaard wrote:
> I don't know how people "scope" this. But it feels a little paranoid to
> restrict access to debuginfo and sources. So I wouldn't really mind
> other users also having access.
>
> You don't even need a real httpd proxy, you could even run a
Hi,
On Thu, 2022-07-28 at 10:47 -0700, Daniel Thornburgh via Elfutils-devel
wrote:
> >
> > I think this could work for a standalone program like debuginfod-find,
> > but not for a library like libdebuginfod. I would rather not have to
> > fork and exec from libdebuginfod.
> >
>
> Could this fu
>
> I think this could work for a standalone program like debuginfod-find,
> but not for a library like libdebuginfod. I would rather not have to
> fork and exec from libdebuginfod.
>
Could this functionality be made optional? Something a client could call to
fork out to a credential helper, but wi
Hi Daniel,
On Tue, 2022-07-26 at 15:50 -0700, Daniel Thornburgh via Elfutils-devel
wrote:
> I'm working on a use case for debuginfod (in LLVM) that needs a
> solution
> for authentication and authorization of users when accessing source and
> debug information. I've put together a short RFC for h
