Sunday, February 13, 2011

TP2 Security Improvements underway

I've recently started a series of changes to improve security and auditing facilities for TP2. First up are changes to implement secure repository management. Essentially the tp2 command set now provides tools to set and manage ACLs (Access Control Lists) on repositories. To support this the daemon process indirectly can be used to copy, remove, sign and un-sign packages in such repositories as well as provide repository index update services as before.

The range of services that the daemon provides will continue to grow as a lot more work on security and auditing is in the roadmap. Because of this the handling of requests by the daemon has also been re-written. In the previous versions it only handled requests in a single threaded manner. Now, however it supports an architecture for requests to be handled in the background - and all long-running requests now use this facility. The result is that the daemon can cope better with multiple requests issued at the same time.

No comments:

Post a Comment