[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

uploaded ./gnuplot_3.5-7_i386


Format: 1.5
Date: Fri, 25 Oct 1996 18:52:06 +0200
Source: gnuplot
Binary: gnuplot
Architecture: source i386
Version: 3.5-7
Distribution: unstable
Urgency: low
Maintainer: joost witteveen <joost@rulcmc.leidenuniv.nl>
 gnuplot    - A command-line driven interactive function plotting utility.
 gnuplot (3.5-7) unstable; urgency=low
   * changed to new source format
   * removed one set of examples
   * included docs in .deb packag
 b8ac299bf1de90ac7133f089b4bd0846 535 math optional gnuplot_3.5-7.dsc
 79ff51b2d98d74ea2cc88e2395be7df7 632719 math optional gnuplot_3.5.tar.gz
 97872197f8b595d1e9b0c83f991dcc4e 387720 math optional gnuplot_3.5-7_i386.deb

Version: 2.6.2i


TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

>From miss
Received: from mongo.pixar.com (
  by master.debian.org with SMTP; 26 Oct 1996 13:38:41 -0000
Received: (qmail 1728 invoked from smtpd); 26 Oct 1996 13:27:04 -0000
Received: from primer.i-connect.net (HELO master.debian.org) (bruce@
  by mongo.pixar.com with SMTP; 26 Oct 1996 13:26:53 -0000
Date:	Fri, 25 Oct 1996 13:51:53 +0100
Message-Id: <199610251251.NAA00769@explosif.tls.co.uk>
From:	Kenneth MacDonald <kenny@ed.ac.uk>
To:	debian-devel@lists.debian.org
Subject: Re: More Debian v1.2 things...
In-Reply-To: <Pine.LNX.3.95.961025144521.529L-100000@siva.taz.net.au>
References: <87d8y874sj.fsf@aplysia.iway.aimnet.com>
Resent-Message-ID: <"tmzGt.0.lt2.FHXSo"@master.debian.org>
Resent-From: debian-devel@lists.debian.org
Resent-Reply-To: debian-devel@lists.debian.org
X-Mailing-List: <debian-devel@lists.debian.org> archive/latest/1531
X-Loop: debian-devel@lists.debian.org
Precedence: list
Priority: non-urgent
Importance: low
Resent-Sender: debian-devel-request@lists.debian.org

>>>>> "Craig" == Craig Sanders <cas@taz.net.au> writes:

    Craig> On 24 Oct 1996, Kevin Dalley wrote:

    >> Yes, dpkg can only be run as root.  Generally, it is necessary
    >> to use the root password in order to run dpkg.  Running dpkg is
    >> limited to people who have the root password.  Craig Saunders
    >> suggested having a setuid root program for novices.
    >> Unfortunately, having a setuid program means that anyone can
    >> install any program, included a setuid shell.  Having a root
    >> password is no longer necessary to do this.  Thus the
    >> additional security risk.

    Craig> that's why i said it should only be executable by those in
    Craig> a special group (e.g. a group called 'dpkg').

If you want dpkg to be suid root, and only executed by members of
group dpkg, then ordinary users cannot query the dpkg databases (dpkg
-l).  I feel this is a quite important feature - minimal privillages
for jobs that don't need operator status.

If you're installing/removing packages then only root should be able
to do so, since otherwise, root access can be gained easily by
installing a compromised package.

Just my £0.02 :)


TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

Reply to: