| Message ID | 87362qc6hw.fsf@gnu.org |
|---|---|
| State | Accepted |
| Series | [bug#43851] gnu: sudo: Depend on python-minimal instead of python. |
| Context | Check | Description |
|---|---|---|
| cbaines/comparison | success | View comparison |
| cbaines/git branch | success | View Git branch |
| cbaines/applying patch | fail | View Laminar job |
Good evening Janneke,

Jan Nieuwenhuizen wrote:
> Depending on python pulls in X11:

It only depends on Python because I wasn't [consciously] aware of the existence of python-minimal. Your patch LGTM.

> However...do we really want to extend sudo with eh, a large
> programming
> language

I enabled Python support in sudo because it exists for the same reason that Guile does.

If we want a less hackable sudo - certainly a defensible position - that's fine by me. If we do, then yes, I think Python is reasonable considering the alternative (C).

> that has a more impressive CVE list than a lovely tiny language
> such as, say Guile? ;)

Python has a more impressive almost-anything than Guile so that means nothing.

Kind regards,

T G-R
Hi Janneke,

On Wed, 07 Oct 2020 19:04:27 +0200 Jan Nieuwenhuizen <janneke@gnu.org> wrote:
> Depending on python pulls in X11:
>
> --8<---------------cut here---------------start------------->8---
> $ guix graph --path sudo libx11
> sudo@1.9.3p1
> python@3.8.2
> tk@8.6.10
> libx11@1.6.9
> --8<---------------cut here---------------end--------------->8---
>
> which is unfortunate, especially for the Hurd.
>
> However...do we really want to extend sudo with eh, a large programming
> language that has a more impressive CVE list than a lovely tiny language
> such as, say Guile? ;)

I am very much in favor of not having unnecessary dependencies in things which are suid root. Also, there already IS PAM support in sudo, and PAM has modules--so why have yet another weird new mechanism? For auditing, there is auditd (even in Guix already).

Furthermore, it makes updating sudo more brittle.

Also, we removed it when cross-compiling already, pointing to other problems.

Please remove the python dependency entirely.
Tobias Geerinckx-Rice writes:

Hello Tobias,

> Jan Nieuwenhuizen wrote:
>> Depending on python pulls in X11:
>
> It only depends on Python because I wasn't [consciously] aware of the
> existence of python-minimal. Your patch LGTM.
>
>> However...do we really want to extend sudo with eh, a large
>> programming
>> language
>
> I enabled Python support in sudo because it exists for the same reason
> that Guile does.

Yes, hackability/extensibility makes sense and is good in general...

> If we want a less hackable sudo - certainly a defensible position -
> that's fine by me. If we do, then yes, I think Python is reasonable
> considering the alternative (C).

...but in this case, yes, a less hackable sudo is what I'm certainly leaning towards.

Danny Milosavljevic writes:

> I am very much in favor of not having unnecessary dependencies in things
> which are suid root. Also, there already IS PAM support in sudo, and
> PAM has modules--so why have yet another weird new mechanism? For auditing,
> there is auditd (even in Guix already).
> Furthermore, it makes updating sudo more brittle.
> Also, we removed when cross-compiling already, pointing to other problems.
> Please remove the python dependency entirely.

@Tobias: would you please revert/remove the Python addition to sudo (or else discuss some more with others?).

>> that has a more impressive CVE list than a lovely tiny language
>> such as, say Guile? ;)
>
> Python has a more impressive almost-anything than Guile so that means
> nothing.

Yeah, Python is amazing.

Greetings,

Janneke
Hello Tobias!

Tobias Geerinckx-Rice <me@tobias.gr> writes:

> Good evening Janneke,
>
> Jan Nieuwenhuizen wrote:
>> Depending on python pulls in X11:
>
> It only depends on Python because I wasn't [consciously] aware of the
> existence of python-minimal. Your patch LGTM.
>
>> However...do we really want to extend sudo with eh, a large
>> programming
>> language
>
> I enabled Python support in sudo because it exists for the same reason
> that Guile does.
>
> If we want a less hackable sudo - certainly a defensible position -
> that's fine by me. If we do, then yes, I think Python is reasonable
> considering the alternative (C).

What kind of uses do the Python bindings provide? If we don't have any use for it, I think it may be better to let the dependency go altogether, to keep sudo as small and secure as possible.

Thanks,

Maxim
Heyho Maxim,

Maxim Cournoyer wrote:
> What kind of uses does the Python bindings provide?

They're not bindings in the way I understand the term; more like a plug-in interface that allows you to implement security policies beyond the rudimentary ‘sudoers’ format (or writing a C extension *shudder*). Basically: what we would have used Guile for :-) The rest of the world uses Python.

However, PAM is not relevant to the discussion & served only to confuse.

> If we don't have any use for it, I think it may be better to let
> the
> dependency go altogether, to keep sudo as small and secure as
> possible.

I don't think sudo is either, nor does the presence of Python affect that meaningfully. But let's stop this pointless discussion since removing it helps the Hurd progress. That's enough.

The Hurd is a lot more exciting than the removal of sudo Python support -- and actually *will* improve security!

\o/,

T G-R
On Fri, 9 Oct 2020 at 20:49, Tobias Geerinckx-Rice via Guix-patches via <guix-patches@gnu.org> wrote:

> I don't think sudo is either, nor does the presence of Python
> affect that meaningfully. But let's stop this pointless
> discussion since removing it helps the Hurd progress. That's
> enough.
>
> The Hurd is a lot more exciting than the removal of sudo Python
> support -- and actually *will* improve security!

I agree that supporting Hurd is more important than supporting hypothetical users using hypothetically sudo with Python. :-)

Why not have 2 packages: 'sudo' (with Python) and 'sudo-minimal' (without). Or any other name.

Cheers,

simon
zimoun wrote:
> I agree that supporting Hurd is more important than supporting
> hypothetical users using hypothetically sudo with Python. :-)

I'm not hypothetical! I'm a real boy!

> Why not have 2 packages: 'sudo' (with Python) and 'sudo-minimal'
> (without). Or any other name.

I suggested as much on #guix so it is by definition an excellent suggestion.

Janneke?

T G-R
Tobias Geerinckx-Rice writes:

Hello!

> Maxim Cournoyer wrote:
>> If we don't have any use for it, I think it may be better to let the
>> dependency go altogether, to keep sudo as small and secure as
>> possible.
>
> I don't think sudo is either, nor does the presence of Python affect
> that meaningfully. But let's stop this pointless discussion since
> removing it helps the Hurd progress. That's enough.
>
> The Hurd is a lot more exciting than the removal of sudo Python
> support -- and actually *will* improve security!

Thanks all, I've removed the python dependency from sudo; pushed to master as 165e0918da54643bfaf9a6cb6b866f8692e9f8f9.

Greetings,

Janneke
Tobias Geerinckx-Rice writes:

Hi!

> zimoun wrote:
>> I agree that supporting Hurd is more important than supporting
>> hypothetical users using hypothetically sudo with Python. :-)
>
> I'm not hypothetical! I'm a real boy!
>
>> Why not have 2 packages: 'sudo' (with Python) and 'sudo-minimal'
>> (without). Or any other name.
>
> I suggested as much on #guix so it is by definition an excellent
> suggestion.
>
> Janneke?

Oops, I missed that and just pushed Python removal. I would suggest sudo-with-python; but I'm fine with sudo-minimal too.

Greetings,

Janneke
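The two-package split proposed in the thread, written out as an added example against the Guix package API of that time (this is not code from the thread or from the Guix tree). It assumes the base `sudo` package no longer lists Python, as pushed in 165e0918, that the old alist-style inputs are in use, and that upstream sudo's Python plugin support is enabled by the configure flag `--enable-python`.

```scheme
;; Added example: a `sudo-with-python' variant that keeps the default
;; `sudo' free of Python (and thus of tk and libx11), so the setuid
;; binary most systems install has the smaller dependency closure.
(use-modules (guix packages)
             (guix utils)
             (gnu packages admin)   ; sudo
             (gnu packages python)  ; python-minimal
             (srfi srfi-1))         ; alist-delete

(define-public sudo-with-python
  (package/inherit sudo
    (name "sudo-with-python")
    ;; python-minimal rather than python: the full python package pulls
    ;; in tk, and tk pulls in libx11, which a privileged helper does not
    ;; need.  Delete any pre-existing "python" label before adding ours.
    (inputs
     `(("python" ,python-minimal)
       ,@(alist-delete "python" (package-inputs sudo))))
    ;; Assumption: sudo's plugin interface is switched on with the
    ;; upstream --enable-python configure flag.  This variant is
    ;; native-only; cross builds keep using the plain `sudo' package.
    (arguments
     (substitute-keyword-arguments (package-arguments sudo)
       ((#:configure-flags flags ''())
        `(cons "--enable-python" ,flags))))
    (synopsis "Run commands as root, with support for Python plugins")))
```

Checking the result the same way the thread did, `guix graph --path sudo libx11` should then report no path for the default package, while `guix graph --path sudo-with-python libx11` shows the python-minimal route only if python-minimal itself reaches libx11.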
From e28a7f0679cc70f48f2583b2f3fe5f9a1984d6cc Mon Sep 17 00:00:00 2001 From: "Jan (janneke) Nieuwenhuizen" <janneke@gnu.org> Date: Wed, 7 Oct 2020 18:49:29 +0200 Subject: [PATCH] gnu: sudo: Depend on python-minimal instead of python. Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8 * gnu/packages/admin.scm (sudo)[inputs]: Use python-minimal instead of python. --- gnu/packages/admin.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm index e62a145614..399c55a080 100644 --- a/gnu/packages/admin.scm +++ b/gnu/packages/admin.scm @@ -1499,7 +1499,7 @@ system administrator.") ("linux-pam" ,linux-pam) ,@(if (%current-target-system) '() - `(("python" ,python))) + `(("python" ,python-minimal))) ("zlib" ,zlib))) (home-page "https://www.sudo.ws/") (synopsis "Run commands as root") -- Jan Nieuwenhuizen <janneke@gnu.org> | GNU LilyPond http://lilypond.org Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.com
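Review bot: the input label stays "python" while the package becomes python-minimal, so any build phase that does (assoc-ref inputs "python") keeps working, but the label no longer matches the package name; either rename the label to "python-minimal" or say in the commit message that the mismatch is deliberate. The commit message also omits the reason for the change that the cover mail gives (python pulls in tk and libx11, as `guix graph --path sudo libx11` shows), which is worth recording there for whoever next touches this line. Note that the surrounding `(if (%current-target-system) '() ...)` still drops Python entirely when cross-compiling, so after this patch native and cross builds of sudo still differ in plugin support, which the thread later resolved by removing the dependency altogether.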