[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#3063: sudo executable not readable?

> Rob Leslie writes:
> > 
> > Package: sudo
> > Version: 1.4.2-1
> > 
> > deimos:~:[47]# ls -l =sudo =visudo
> > ---s--x--x   1 root     root        37996 Apr 17 07:44 /usr/bin/sudo
> > ---x--x--x   1 root     root        21900 Apr 17 07:44 /usr/sbin/visudo
> > 
> > Is there a compelling reason not to give these files mode 4755 and 755
> > (respectively) as the packaging guidelines suggest?
> Thinking about it one more time I wonder why the program should have mode
> 4755, except that this is what the packaging guidelines suggest. Personally
> I'd like to have noone read it (call me paranoid :-)). Any opinions?

I think it's because we prefere giving paranoid people a REAL
sence of security, as opposed to a fake one: makeing them unreadeble
doens't offer any security as far as I know (certainly not for
freely copyable debian packages).

I guess for paranoid people, appart from seeing a doctor, it's best
to know what parts can be compromised, rather than letting him think
it's safe, and then later he'll have a BIG shock when he sees he was
wrong in thinking he was safe (this is a really bad experience for
paranoid people, I guess).

BTW, thanks very much for the work on Debian, I really love you
and your work, (really, don't be paranoid in thinking I don't, 
I really love all Debian devellopers), keep up the good work, cheers,

> Michael Meskes      
> Use Debian Linux!   

joost witteveen
Use Debian Linux!

Reply to: