Re: How Debian Linux could be made more secure

To: debian-devel@lists.debian.org
Subject: Re: How Debian Linux could be made more secure
From: dark@xs4all.nl (Richard Braakman)
Date: Wed, 29 Apr 1998 11:37:18 +0200 (CEST)
Message-id: <[🔎] m0yUTIk-001NHZC@night>
In-reply-to: <[🔎] 19980428195949.G20848@kuolema.Infodrom.North.DE> from Martin Schulze at "Apr 28, 98 07:59:49 pm"

Martin Schulze wrote:
> I thought lintian already detects setuid binaries and needs
> confirmation by the author that it needs to be setuser or
> not.

Not really.  It warns for suid and sgid binaries in the package; but often,
packages don't include such binaries directly.  They call suidregister
in the postinst, and use chown and chmod if suidregister is not available.

Lintian would have to parse that in order to get a full list, and it
doesn't do that (yet).

Richard Braakman

--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: How Debian Linux could be made more secure
  - From: Raul Miller <rdm@test.legislate.com>

References:
- Re: How Debian Linux could be made more secure
  - From: Martin Schulze <joey@kuolema.Infodrom.North.DE>

Prev by Date: Re: Lilo..
Next by Date: Re: X and Window Mangers
Previous by thread: Re: How Debian Linux could be made more secure
Next by thread: Re: How Debian Linux could be made more secure
Index(es):
- Date
- Thread