[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Suid issue + Packages available

Since some people feel strongly about setuid/setgid issues here are the 
packages that I am maintaining that contain setuid/setgid things. If you
are willing to do a security review and maintain the package then
I will be glad to give it to you.

The discussion going on right now is not very productive lets stop it and
continue with some more fruitful issues.

dosemu	Suid priviledges for 8086 Emulation
ppp-2.2.0f Suid priviledges to be able to use ppp interfaces of the kernel.
ppp-2.3b3 Not yet released
rlpr	Suid priviledges to print from a priviledged port
elks	Suid priviledges so users can execute 8086 Binaries
ircd	Suid priviledges for user/group ircd so that ircd does not run as root.

The following packages do not contain setuid files but contain
scripts/instructions to enable restricted setuid usage:

debmake		Miquels Suidwrapper adapted (but program development is inherently insecure)
netdiag		Enables execution of network diag commands for a group of users
		(Needed for our staff on Campus for example)

I just dont get around to several issues in my packages. Perhaps someone
else has time for one or more of the following packages?

adbbs	A BBS in Perl. Needs a better setup of pre-customized files
defrag	Needs to be able to be compiled under 2.0.24 and made available
	for other architectures than i386.
elks	I dont use it right now. Contains lots of 8086 stuff that need work.
fdos	FreeDOS. There are issues on the fdos mailing list that need
dosemu	Dos Emulator. There is a new release out there (which seems to be
	buggy though?).
fvwm95	Should be hooked up to the menuing system being developed
ibcs	I dont use it since the application we tried to use did not work.
	All releases are essentially untested.
ircd	Dont use it. Would need automated undernet setup.
pax	An attempt to standardize archives that needs some attention in
	the next months.
rpm	Someone should try to get on the RPM mailing list at Red Hat
	and follow issues / offer suggestions that might eventually lead
	to a unified packaging standard for Linux.
smartlist	Needs to be joined with procmail (same sourcepackage!)
	There is a new release upcoming
ncsa	If wn gets unusable we might have to backtrack to NCSA for
	a low resource local webserver (manpages and docs and such).
man2html	Views manpages as html. Allow full text search of all
	manpages. Needs to be adapted to new evolving standards.

If no one volunteers then I will just drag them along...

Other available packages that do not need work right now but that others
could take:

hwtools	Tools to change SCSI settings. Analyse I/O ports etc etc
idled	Throw out idle users
netdiag	Network diagnostic tool collection
rlpr	Remote printing
snarf	Download files via HTTP etc.
syslinux	Boot Loader used by Debian Bootdisks
svgatextmode	Higher Res. Video Modes.

--- +++ --- +++ --- +++ --- +++ --- +++ --- +++ --- +++ ---
PGP Public Key  =  FB 9B 31 21 04 1E 3A 33  C7 62 2F C0 CD 81 CA B5 

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

Reply to: