19 Oct
2023
19 Oct
'23
1:28 p.m.
because it's explicitly requested. man machine-id
This ID uniquely identifies the host. It should be considered "confidential", and must not be exposed in untrusted environments, in particular on the network. If a stable unique identifier that is tied to the machine is needed for some application, the machine ID or any part of it must not be used directly. Instead the machine ID should be hashed with a cryptographic, keyed hash function, using a fixed, application-specific key. That way the ID will be properly unique, and derived in a constant way from the machine ID but there will be no way to retrieve the original machine ID from the application-specific one. The sd_id128_get_machine_app_specific(3) API provides an implementation of such an algorithm.
(looks like /etc/machine-id should never have been user readable, and this is about reducing the exposure)
for the second patch in the serie, the we need to craft missing info (because some DMI fields are only readble by root), do you also recommand to reuse directly machine-id? (it would be better to not tie the values to a given prefix, anticheat vendors will not like it), so the least worst choice is deriving from machine-id.