diff options
Diffstat (limited to 'website/bugs/list-id-certifiers-should-run-non-priv.mdwn')
-rw-r--r-- | website/bugs/list-id-certifiers-should-run-non-priv.mdwn | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/website/bugs/list-id-certifiers-should-run-non-priv.mdwn b/website/bugs/list-id-certifiers-should-run-non-priv.mdwn new file mode 100644 index 0000000..2a3d533 --- /dev/null +++ b/website/bugs/list-id-certifiers-should-run-non-priv.mdwn @@ -0,0 +1,19 @@ +[[meta title="list-identity-certfiers should run as the non-privileged user"]] + +Right now, `monkeysphere-server list-identity-certifiers` runs as the +superuser, and just lists the keys in the host's keyring. This might +not be the actual list of valid id certifiers, for a number of reasons: + +* the keys themselves might have been revoked by the owner + +* the id-certifiers might have been added with a different trust + level, or a regexp/domain limitation. + +It would make more sense to derive the list of trusted certifiers +directly from the keyrings as seen by the non-privileged +`monkeysphere` user, since this user's keyrings are what are going to +judge the validity of various user IDs. + +--- + +[[bugs/done]] 2008-08-16 in a29b35e69d0fab5f2de42ed5edd9512a6552e75a |