Setuid

To: Debian developers list <debian-devel@lists.debian.org>
Subject: Setuid
From: Ian Jackson <ian@chiark.greenend.org.uk>
Date: Fri, 15 Nov 96 04:42 GMT
Message-id: <m0vOG74-0004O4C@chiark.greenend.org.uk>

I'm sorry to say this but I am extremely unimpressed by the attitude
of certain developers to setuid programs.

I propose that we institute a stricter policy regarding setuid-root
code.

Some requirements I think might be useful, individually or in
combination would be:

* Code must have been written with the intent that it would be setuid.

* Code must be reasonably widely-used in the world at large.

* Code must be reviewed (possible alternative to widespread use?)

* Approval required by a security-conscious person that conditions
have been met.

* No practical solution available other that setuidness.  (This
condition should _not_ be sufficient.)

* Executable-only-by-group used to allow installation without risk of
compromise (appropriate for some kinds of program).

Ian.

--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

Reply to:

Follow-Ups:
- Re: Setuid
  - From: Michael Meskes <meskes@Informatik.RWTH-Aachen.DE>
- Re: Setuid
  - From: "Brian C. White" <bcwhite@verisim.com>

Prev by Date: Suid issue + Packages available
Next by Date: Re: Suid issue + Packages available
Previous by thread: Re: debmake 1.97 uploaded
Next by thread: Re: Setuid
Index(es):
- Date
- Thread