Re: setuid/setgid binaries contained in the Debian repository.

[Emile van Bergen <emile-deb@evbergen.xs4all.nl>]

Hi,

On Mon, Aug 11, 2003 at 04:16:24PM -0400, Matt Zimmerman wrote:

> On Mon, Aug 11, 2003 at 09:21:11PM +0200, Emile van Bergen wrote:
> 
> > About your example, it would indeed be nice if ports where exposed in
> > the filesystem, like /dev/ip/tcp/<port>, to each of which you could
> > assign an owner and a group. That way, the admin can control which uid
> > and gid can bind to what.
> 
> There is a kernel patch which does this.  Someone pointed it out on
> #debian-devel the other day.
> 
> > That installing new user software requires root is the fault of the system
> > integrator, not of unix' design. In the case of Debian, it would be lovely
> > if the user would have a tool to configure and build souce packages so
> > that they could be installed in ~/bin, ~/etc, ~/lib.
> 
> It would be nice indeed; it also turns out to be horrifically complex when
> you consider dependency relationships, unless you force the user to install
> another copy of all system software in their home dir as well.

Well, dpkg should probably concatenate /var/lib/dpkg/status and
~/var/lib/dpkg/status internally to see if build dependencies are
already satisfied by the global system.

Most --configure scripts should be able to search ~/lib as well as /lib,
/usr/lib and /usr/local/lib.

I don't see how this would be prohibitively complex. Sure, there are
some issues to be worked out, but basically comes down to allowing each
user to add a user-specific part to the in-memory package database when
running the package management tools.

Cheers,


Emile.

-- 
E-Advies - Emile van Bergen           emile@e-advies.nl      
tel. +31 (0)70 3906153           http://www.e-advies.nl