Re: More Debian v1.2 things...
Craig Sanders <cas@taz.net.au> writes:
> On Fri, 25 Oct 1996, Kenneth MacDonald wrote:
> > If you want dpkg to be suid root, and only executed by members of
> > group dpkg, then ordinary users cannot query the dpkg databases (dpkg
> > -l). I feel this is a quite important feature - minimal privillages
> > for jobs that don't need operator status.
> cant anybody understand plain english????
> for the last time:
> I DID NOT SAY I WANTED _DPKG_ TO BE SETUID ROOT OR EXECUTABLE
> ONLY BY MEMBERS OF GROUP DPKG.
> Read the thread.
> I was talking about a hypothetical program which provided a tk-based
> interface for dpkg/dselect. And even for that hypothetical program, I
> didn't say I wanted it setuid root, I was pointing out that *IF* it was
> suid root then having it executable only by members of a special group
> would help to minimise any potential security risks.
Doesn't the "sudo" program address this problem. (Allowing a group of
users to execute certain commands as root.)
Steve
dunham@gdl.msu.edu
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com
Reply to: