From owner-freebsd-hackers@FreeBSD.ORG Thu Jun 7 07:28:01 2012 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id D227F106566B; Thu, 7 Jun 2012 07:28:01 +0000 (UTC) (envelope-from edschouten@gmail.com) Received: from mail-wg0-f50.google.com (mail-wg0-f50.google.com [74.125.82.50]) by mx1.freebsd.org (Postfix) with ESMTP id 30EF08FC14; Thu, 7 Jun 2012 07:28:01 +0000 (UTC) Received: by wgbds11 with SMTP id ds11so237644wgb.31 for ; Thu, 07 Jun 2012 00:28:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=HFfzruHWWHLwcfpgAHY+YZSGGsQXTH8ZELMLQSbdTQY=; b=J2/zEY6NH5dlkAAP3KszTO2QuQzCPKBUrUttSX0qPBDKz2eyGyvV/3EU7lzc7hiqQm uqkbQ8c5hkHSob7ZzM8sb6vFVzPBm9X8T3CS6+Tq378WNSTXFMaVFXI5hDwWeYyQqBiU mVjZZGSxAMqBehhBjEmuLKnEtDd8B8BKEKrnHE7NdFmcR9U8Y5XzZuNmxqKoSQ321KI2 Qh23P+r27Kq4G4NtW8wmIolQagwApEr8RieJ2Ba+WbVKF2gsNbl8KxQcdkbGorSsA48x hJU2pZzb9r4MFvh4j5kQ9lQ7zuHmCLk8zbnzOaY7o+yMEDTjL8K1I819l/fm2pfkXlI6 sN+g== MIME-Version: 1.0 Received: by 10.216.144.69 with SMTP id m47mr144446wej.86.1339054079299; Thu, 07 Jun 2012 00:27:59 -0700 (PDT) Sender: edschouten@gmail.com Received: by 10.223.151.7 with HTTP; Thu, 7 Jun 2012 00:27:59 -0700 (PDT) In-Reply-To: <20120606112011.GB1381@garage.freebsd.pl> References: <4FCC126C.1020600@shatow.net> <20120605213101.GA13339@stack.nl> <20120606112011.GB1381@garage.freebsd.pl> Date: Thu, 7 Jun 2012 09:27:59 +0200 X-Google-Sender-Auth: d59E4iUC27V8LTbqWwMipklndD0 Message-ID: From: Ed Schouten To: Pawel Jakub Dawidek Content-Type: text/plain; charset=UTF-8 Cc: freebsd-hackers@freebsd.org, Jilles Tjoelker , Bryan Drewery Subject: Re: [RFC] last(1) with security.bsd.see_other_uids support X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Jun 2012 07:28:01 -0000 2012/6/6 Pawel Jakub Dawidek : > Any privileged daemon is much bigger threat. Also, do we really want a > daemon running all the time just to be able to parse utx files? Well, if you think of it, it's not a very strange idea: - You can simply get rid of /var/run/utx.active. There's no need for this to be written to disk. It can just stay in memory. - You can use devd to track the destruction of TTYs, so you can automatically garbage collect stale entries for pseudo-terminals. Right now a `killall -9 xterm' may leave stale entries behind. - The other files aren't _that_ big. On FreeBSD, utx.log only stores entries for the last month. Especially if you implement getutxid()/getutxuser() as separate calls, much of the filtering is already done by the daemon. -- Ed Schouten