From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id ePhDHq2wgF9ZfQAA0tVLHw (envelope-from ) for ; Fri, 09 Oct 2020 18:49:17 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2 with LMTPS id WIMjGq2wgF97PAAAB5/wlQ (envelope-from ) for ; Fri, 09 Oct 2020 18:49:17 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 1D9449401CD for ; Fri, 9 Oct 2020 18:49:15 +0000 (UTC) Received: from localhost ([::1]:42314 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kQxS4-0002RP-Bm for larch@yhetil.org; Fri, 09 Oct 2020 14:49:12 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:38526) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kQxRu-0002Q2-CS for guix-patches@gnu.org; Fri, 09 Oct 2020 14:49:03 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:52895) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kQxRu-0005We-3N for guix-patches@gnu.org; Fri, 09 Oct 2020 14:49:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1kQxRu-0003wH-2I for guix-patches@gnu.org; Fri, 09 Oct 2020 14:49:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#43851] [PATCH] gnu: sudo: Depend on python-minimal instead of python. Resent-From: Tobias Geerinckx-Rice Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Fri, 09 Oct 2020 18:49:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 43851 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Maxim Cournoyer Cc: 43851@debbugs.gnu.org, Jan Nieuwenhuizen Received: via spool by 43851-submit@debbugs.gnu.org id=B43851.160226933815132 (code B ref 43851); Fri, 09 Oct 2020 18:49:02 +0000 Received: (at 43851) by debbugs.gnu.org; 9 Oct 2020 18:48:58 +0000 Received: from localhost ([127.0.0.1]:36208 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kQxRq-0003vz-56 for submit@debbugs.gnu.org; Fri, 09 Oct 2020 14:48:58 -0400 Received: from tobias.gr ([80.241.217.52]:34212) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kQxRn-0003vq-Rb for 43851@debbugs.gnu.org; Fri, 09 Oct 2020 14:48:57 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tobias.gr; s=2018; bh=qonc7SVuA5QA6x/Arxx91LzFshzrhzrts+WM16G3f14=; h=date:in-reply-to: references:subject:cc:to:from; b=Rq1M07B6/Pm5RO2U1xYTprH29ULvCYAId0Zh2 CCVQ2UMJqMSli794w3VYThBfNTwkMDDeLneYa9idh0JYXs+0p7AvJoyVAzERqjmPjtPocD jNfFN9aHenRgWl5xcIvh2wBP9Y9E6WRMjPVHd1SSx8u72OYxAs4POCGfnJ1fU21QMRLQKL nI3vEmR36mnxg3eziV5lul1WqxphtrbJ0z3ZGXfoljJHswGWgbkw3+cAP75iuTLG+R3Ocx faHxe/qDSXcnw/3OQFgT/Ju0wD9W+1s9ycboYEYz/hBB0yq/qlA2p6tH1J76NDsB+fi2b2 z/28NQo1VMbqgLrDpDD0Qdr3g== Received: by submission.tobias.gr (OpenSMTPD) with ESMTPSA id 05c6611f (TLSv1.2:ECDHE-ECDSA-AES256-GCM-SHA384:256:NO); Fri, 9 Oct 2020 18:49:04 +0000 (UTC) BIMI-Selector: v=BIMI1; s=default; References: <87362qc6hw.fsf@gnu.org> <87v9fld9al.fsf@nckx> <87wnzzqn8y.fsf@gmail.com> In-reply-to: <87wnzzqn8y.fsf@gmail.com> Date: Fri, 09 Oct 2020 20:48:55 +0200 Message-ID: <87imbjz148.fsf@nckx> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Spam-Score: -2.3 (--) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-Spam-Score: -3.3 (---) X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" Reply-to: Tobias Geerinckx-Rice , Tobias Geerinckx-Rice via Guix-patches From: Tobias Geerinckx-Rice via Guix-patches via X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=fail (rsa verify failed) header.d=tobias.gr header.s=2018 header.b=Rq1M07B6; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Spam-Score: -3.11 X-TUID: jZvk7TcdIl4O --=-=-= Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable Heyho Maxim, Maxim Cournoyer =E5=86=99=E9=81=93=EF=BC=9A > What kind of uses does the Python bindings provide? They're not bindings in the way I understand the term; more like a=20 plug-in interface that allows you to implement security policies=20 beyond the rudimentary =E2=80=98sudoers=E2=80=99 format (or writing a C ext= ension=20 *shudder*). Basically: what we would have used Guile for :-) The rest of the world uses Python. However, PAM is not relevant to the discussion & served only to=20 confuse. > If we don't have any use for it, I think it may be better to let=20 > the > dependency go altogether, to keep sudo as small and secure as=20 > possible. I don't think sudo is either, nor does the presence of Python=20 affect that meaningfully. But let's stop this pointless=20 discussion since removing it helps the Hurd progress. That's=20 enough. The Hurd is a lot more exciting than the removal of sudo Python=20 support -- and actually *will* improve security! \o/, T G-R --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iIMEARYKACsWIQT12iAyS4c9C3o4dnINsP+IT1VteQUCX4Cwlw0cbWVAdG9iaWFz LmdyAAoJEA2w/4hPVW152rMA/0FsehkCPQ3219EJHTiYyd64DmgvSeU5p6qk8nMU iOOXAP4u8dVyKulU6tW1TatGVafuFr+ETtxe/eg/boDY0Ft6BA== =2wO0 -----END PGP SIGNATURE----- --=-=-=--