[Yum-devel] [RFC] Split yum into separate processes

Steve Lawrence slawrence at tresys.com
Fri Sep 17 20:49:08 UTC 2010


A few months ago we talked about the possibility of splitting yum into
separate processes so that SELinux could be used to confine access.
While the ultimate  goal would be to have quite a few different
processes, we think an easy and beneficial place to start would be to
separate just the network access into another process.

The idea is to create a wrapper around all of urlgrabber or just around
the pycurl part (we're not sure which would be better) and have that
executed whenever network access is needed. This would probably mean
that the wrapper would basically have to reimplement either the
urlgrabber or pycurl API, so we thought we'd ask to see which  would be
the better method, or if you have any ideas for a better way to achieve
this.

Thoughts?

- Steve


More information about the Yum-devel mailing list