Re: Suid Manager?

To: bmbuck@LuciaDiLammermoor.acsu.buffalo.edu (Buddha M Buck)
Cc: debian-devel@lists.debian.org
Subject: Re: Suid Manager?
From: Buddha M Buck <bmbuck@ACSU.Buffalo.EDU>
Date: Thu, 21 Nov 1996 12:05:54 -0500 (EST)
Message-id: <199611211705.MAA03323@LuciaDiLammermoor.acsu.buffalo.edu>
In-reply-to: <m0vQVwE-000AkoC@liw> from "Lars Wirzenius" at Nov 21, 96 12:00:53 pm

> 
> [ Please don't Cc: me when replying to my message on a mailing list. ]
> 
> Buddha Buck:
> > I also think that it should be stated (and enforced, if possible) 
> > policy that packages cannot modify the modes or owners of files they do 
> > not own, nor can they set the UIDs and GIDs of files to users and 
> > groups that are not installed either by base-passwd or by that package 
> > itself.
> 
> Or one of the packages it depends on?
> 

I thought about that, and decided against it as overly complex.  The
more I think about it, the worse it gets.

The problem (as I see it) is that a package can't control what users
are created by other packages.  (presumably, base-passwd will be
static enough to be relied upon).  However, I could easily imagine
package A 1.0  providing 7 new users, upon which package B depemds,
but package A 2.0 being reorganized to only need (and provide) 3
users, thus breaking package B.

A solution would be to implement Provides-users: and Depends-users:,
but that (IMHO) complicated things way to much.


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

Reply to:

References:
- Re: Suid Manager?
  - From: Lars Wirzenius <liw@iki.fi>

Prev by Date: PPP 2.3b3
Next by Date: Re: BS versus DEL (was: I18N for Debian 1.3?)
Previous by thread: Re: Suid Manager?
Next by thread: Suid Manager Proposal
Index(es):
- Date
- Thread