Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1WH6Sy-0000nT-Ba for bitcoin-development@lists.sourceforge.net; Sat, 22 Feb 2014 06:53:40 +0000 Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.214.43 as permitted sender) client-ip=209.85.214.43; envelope-from=laanwj@gmail.com; helo=mail-bk0-f43.google.com; Received: from mail-bk0-f43.google.com ([209.85.214.43]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1WH6Sx-00076i-GE for bitcoin-development@lists.sourceforge.net; Sat, 22 Feb 2014 06:53:40 +0000 Received: by mail-bk0-f43.google.com with SMTP id v15so37158bkz.16 for ; Fri, 21 Feb 2014 22:53:33 -0800 (PST) MIME-Version: 1.0 X-Received: by 10.205.75.74 with SMTP id yz10mr2519852bkb.43.1393052013165; Fri, 21 Feb 2014 22:53:33 -0800 (PST) Received: by 10.205.75.72 with HTTP; Fri, 21 Feb 2014 22:53:33 -0800 (PST) In-Reply-To: <1393031340.6897.90.camel@staypuft> References: <1393031340.6897.90.camel@staypuft> Date: Sat, 22 Feb 2014 07:53:33 +0100 Message-ID: From: Wladimir To: "Dustin D. Trammell" Content-Type: multipart/alternative; boundary=f46d04103737662d9a04f2f93267 X-Spam-Score: -0.6 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (laanwj[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1WH6Sx-00076i-GE Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] Fwd: Bitcoin Core trial balloon: splitting blockchain engine and wallet X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 Feb 2014 06:53:40 -0000 --f46d04103737662d9a04f2f93267 Content-Type: text/plain; charset=UTF-8 On Sat, Feb 22, 2014 at 2:09 AM, Dustin D. Trammell < dtrammell@dustintrammell.com> wrote: > On Fri, 2014-02-21 at 07:43 +0100, Wladimir wrote: > > The most straightforward way would be to run the blockchain daemon as > > a system service (with its own uid/gid and set of Apparmor/SELinux > > restrictions) and the wallet daemon as the user. > > This assumes you as a user have the rights to do so. This would be > preferred, but in some cases may not be possible. Perhaps it should be > optional? > No! I'm proposing that we force everyone to do it. Using all means necessary. There should be regular audits that everyone is running the software exactly in my configuration, and if not, a special task force will take care that spankings are carried out on the spot. Repeated offenders will lose their BitLicense. Please stop kicking this dead horse. It was just a random idea. Maybe a way how Linux distributions could structure it, but it may or may not apply in your case. And that's fine, this is free software development, you can do whatever you want! Let's try to bring this discussion back to its original intention: for anyone that wants to concretely help this along, please help reviewing and testing the pull requests that jgarzik mentions. Wladimir BTW: All of those patches are helpful for monolithic-bitcoind as well as they (lay the groundwork for) speeding up block synchronization. --f46d04103737662d9a04f2f93267 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

= On Sat, Feb 22, 2014 at 2:09 AM, Dustin D. Trammell <<= a href=3D"mailto:dtrammell@dustintrammell.com" target=3D"_blank">dtrammell@= dustintrammell.com> wrote:
On Fri, 2014-02-21 at 07:43 +0100, Wladimi= r wrote:
> The most straightforward way would be to run the blockchain daemon as<= br> > a system service (with its own uid/gid and set of Apparmor/SELinux
> restrictions) and the wallet daemon as the user.

This assumes you as a user have the rights to do so. =C2=A0This would= be
preferred, but in some cases may not be possible. =C2=A0Perhaps it should b= e
optional?

No! I'm proposing that we= force everyone to do it. Using all means necessary. There should be regula= r audits that everyone is running the software exactly in my configuration,= and if not, a special task force will take care that spankings are carried= out on the spot.

Repeated offenders will lose their BitLicense.
</s>

Please stop kicking this dead hor= se. It was just a random idea. Maybe a way how Linux distributions could st= ructure it, but it may or may not apply in your case. And that's fine, = this is free software development, you can do whatever you want!

Let's try to bring this discussion back to its orig= inal intention: for anyone that wants to concretely help this along, please= help reviewing and testing the pull requests that jgarzik mentions.

Wladimir
BTW: All of those patches a= re helpful for monolithic-bitcoind as well as they (lay the groundwork for)= speeding up block synchronization.

--f46d04103737662d9a04f2f93267--