Open mmeeks opened 8 months ago
Seems named pipes bring a whole load of pain with them: check out https://github.com/CollaboraOnline/online/compare/private/mmeeks/fiforandom?expand=1 which appears to work but ... not in a nice way.
Quite possibly we need to either patch NSS, or require a working 'getrandom' system call - which dates from October 2014 - so - surely must be widely deployed.
Instead let's use getentropy / getrandom properly:
https://gerrit.libreoffice.org/c/core/+/165824
https://gerrit.libreoffice.org/c/core/+/165820
https://github.com/CollaboraOnline/online/pull/8715
go in this direction.
Ok - so then the problem is that glibc is badly out of date with kernels - and only just got getrandom. So we need to either use the system-call directly - or - I have a better idea - which is to share a single file-descriptor to /dev/urandom between all our Kit processes =)
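Added example (not part of the original issue, and not Collabora Online or NSS code): one way to combine the two options in the comment above, calling the getrandom system call directly and falling back to a /dev/urandom descriptor opened once by the parent. The names `open_shared_urandom`, `fill_random` and `shared_urandom_fd` are hypothetical.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Hypothetical name: fd opened by the parent before children enter a jail with no device nodes. */
static int shared_urandom_fd = -1;

/* Call once in the parent; the descriptor is inherited across fork(). */
int open_shared_urandom(void) {
    shared_urandom_fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    return shared_urandom_fd;
}

/* Read exactly len bytes, retrying on EINTR and short reads. */
static int read_full(int fd, unsigned char *buf, size_t len) {
    while (len > 0) {
        ssize_t n = read(fd, buf, len);
        if (n < 0 && errno == EINTR) continue;
        if (n <= 0) return -1;
        buf += n;
        len -= (size_t)n;
    }
    return 0;
}

/* Returns 0 only when all len bytes were filled, -1 otherwise. */
int fill_random(unsigned char *buf, size_t len) {
    size_t done = 0;
#ifdef SYS_getrandom
    while (done < len) {
        long n = syscall(SYS_getrandom, buf + done, len - done, 0);
        if (n > 0) { done += (size_t)n; continue; }
        if (n < 0 && errno == EINTR) continue;
        break; /* e.g. ENOSYS on a pre-3.17 kernel: use the shared fd */
    }
#endif
    if (done == len) return 0;
    if (shared_urandom_fd < 0) return -1; /* fail closed, no weak fallback */
    return read_full(shared_urandom_fd, buf + done, len - done);
}
int main(void) {
    unsigned char key[16];
    open_shared_urandom();
    if (fill_random(key, sizeof key) != 0) return 1;
    for (size_t i = 0; i < sizeof key; i++) printf("%02x", key[i]);
    return puts("") == EOF;
}
```

Because the syscall is invoked through `syscall(2)`, no glibc `getrandom` wrapper is needed; the shared descriptor is only read when the kernel call is unavailable.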
We currently have a problem when people use the 'nodev' attribute on mounts, and of course people love to lock down the system so nothing can be done with it, so we should:
What follows is a bad design that it turns out doesn't work: =)
FIFOs ensure that only one opener at the other end gets each chunk of data, and all should be well emulating these simple devices this way.
Then we should drop CAP_MKNOD and the problems that come with this like this: