Bug#342455: tech-ctte: Ownership and permissions of device mapper block devices
On 12/16/05, Bastian Blank <firstname.lastname@example.org> wrote:
> On Wed, Dec 14, 2005 at 01:54:45PM +0000, Ian Jackson wrote:
> > Are you saying that the current default permissions on (eg) /dev/hda*
> > are insecure and therefore wrong ?
> Yes, I overwrite them on my machines.
And what is your reason for being unwilling to use the same procedure
on devmapper disks?
Do you believe that debian should deliver a patchwork collection of
administrative decisions, such that every time a new package is
installed a new set of administrative policies must be learned and
new procedures must be adopted by the users?
Personally, I'm using a system where the only way to obtain root access
is to log in as root -- there's no privileges gained through suid binaries.
Perhaps you'd like to use some significant packages configured this way
since it fixes something I consider to be a security problem?
Note also that your inconsistency is an inconsistency. You've not
fixed the "problem" in all packages, only one package. You've not
proposed anything to the community in general which addresses this
issue. Instead, you've created problems for people without really
improving the security of debian systems in general.
This is a good idea?
What good thing have you accomplished?