Re: Audio Apps Mini-Policy, v0.1
On Tue, Oct 28, 2003 at 02:11:47PM +0100, Andreas Metzler wrote:
> > Why read only for other? Given that they can't execute what is
> > presumably a compiled binary I'd treat them as untrusted and not allow
> > them to read it at all.
>
> Why? Quoting policy because I can't reason better: "They should not be made
> unreadable [...]; doing so achieves no extra security, because anyone can find
> the binary in the freely available Debian package; it is merely inconvenient.
> For the same reason you should not restrict read or execute permissions on
> non-set-id executables."
Ahhh a section I had read and then blissfully forgotten. I guess I
agree with the assessment there.
> If you decide to allow selecting permissions with debconf at
> install-time via debconf you have to take care of dpkg-statoverride
> one way or the other:
Agreed.
Steve
--
# Debian Security Audit Project
http://www.steve.org.uk/Debian/