uploaded ./gnuplot_3.5-7_i386
-----BEGIN PGP SIGNED MESSAGE-----
Format: 1.5
Date: Fri, 25 Oct 1996 18:52:06 +0200
Source: gnuplot
Binary: gnuplot
Architecture: source i386
Version: 3.5-7
Distribution: unstable
Urgency: low
Maintainer: joost witteveen <joost@rulcmc.leidenuniv.nl>
Description:
gnuplot - A command-line driven interactive function plotting utility.
Changes:
gnuplot (3.5-7) unstable; urgency=low
.
* changed to new source format
* removed one set of examples
* included docs in .deb packag
Files:
b8ac299bf1de90ac7133f089b4bd0846 535 math optional gnuplot_3.5-7.dsc
79ff51b2d98d74ea2cc88e2395be7df7 632719 math optional gnuplot_3.5.tar.gz
97872197f8b595d1e9b0c83f991dcc4e 387720 math optional gnuplot_3.5-7_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
iQCVAwUBMnH+d5NVaG8BiEBRAQFFhwP/SjERFPPDd2KUIn6LrR2LGyZXRjdCRoUo
SecxREWSsT8WBmgHxjXOTyl1362StPHqKwoyOO2OP82u5v0jtOr0G/78zap+S6y/
hoX5+sbXqt0vYD+SG2o4hQAGYDLO063Z4Ja105RiUWIgeFGroL6RG6VrARZwok0N
xPEwv9FVRDE=
=mnW6
-----END PGP SIGNATURE-----
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com
>From miss
Received: from mongo.pixar.com (138.72.50.60)
by master.debian.org with SMTP; 26 Oct 1996 13:38:41 -0000
Received: (qmail 1728 invoked from smtpd); 26 Oct 1996 13:27:04 -0000
Received: from primer.i-connect.net (HELO master.debian.org) (bruce@206.139.73.13)
by mongo.pixar.com with SMTP; 26 Oct 1996 13:26:53 -0000
Date: Fri, 25 Oct 1996 13:51:53 +0100
Message-Id: <199610251251.NAA00769@explosif.tls.co.uk>
From: Kenneth MacDonald <kenny@ed.ac.uk>
To: debian-devel@lists.debian.org
Subject: Re: More Debian v1.2 things...
In-Reply-To: <[🔎] Pine.LNX.3.95.961025144521.529L-100000@siva.taz.net.au>
References: <[🔎] 87d8y874sj.fsf@aplysia.iway.aimnet.com>
<[🔎] Pine.LNX.3.95.961025144521.529L-100000@siva.taz.net.au>
Resent-Message-ID: <"tmzGt.0.lt2.FHXSo"@master.debian.org>
Resent-From: debian-devel@lists.debian.org
Resent-Reply-To: debian-devel@lists.debian.org
X-Mailing-List: <debian-devel@lists.debian.org> archive/latest/1531
X-Loop: debian-devel@lists.debian.org
Precedence: list
Priority: non-urgent
Importance: low
Resent-Sender: debian-devel-request@lists.debian.org
>>>>> "Craig" == Craig Sanders <cas@taz.net.au> writes:
Craig> On 24 Oct 1996, Kevin Dalley wrote:
>> Yes, dpkg can only be run as root. Generally, it is necessary
>> to use the root password in order to run dpkg. Running dpkg is
>> limited to people who have the root password. Craig Saunders
>> suggested having a setuid root program for novices.
>> Unfortunately, having a setuid program means that anyone can
>> install any program, included a setuid shell. Having a root
>> password is no longer necessary to do this. Thus the
>> additional security risk.
Craig> that's why i said it should only be executable by those in
Craig> a special group (e.g. a group called 'dpkg').
If you want dpkg to be suid root, and only executed by members of
group dpkg, then ordinary users cannot query the dpkg databases (dpkg
-l). I feel this is a quite important feature - minimal privillages
for jobs that don't need operator status.
If you're installing/removing packages then only root should be able
to do so, since otherwise, root access can be gained easily by
installing a compromised package.
Just my £0.02 :)
Kenny.
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com
Reply to: