Re: Suid Manager Proposal

To: clameter@waterf.org (Christoph Lameter)
Cc: bmbuck@acsu.buffalo.edu, jgoerzen@complete.org, debian-devel@lists.debian.org
Subject: Re: Suid Manager Proposal
From: Chris Fearnley <cjf@netaxs.com>
Date: Thu, 21 Nov 1996 15:53:28 -0500 (EST)
Message-id: <199611212053.PAA06209@unix3.netaxs.com>
In-reply-to: <Pine.LNX.3.95.961121075655.23268D-100000@waterf.org> from "Christoph Lameter" at Nov 21, 96 07:57:37 am

I like the proposal.  I think suidregister needs to be part of dpkg.
Policy should state that no package should have any suid binaries
(dpkg could eventually be modified to insist upon this).  All suid and
sgid bits would be added in the postinst by calling suidregister.
Would suidregister cooperate/supplement PAM or will PAM make
suidregister unnecessary (I haven't looked at PAM yet)?

'Christoph Lameter wrote:'
>
>Configuration file:
>-------------------
>
>/etc/suid.conf
>
>containing lines of the form
>
>whodoneit binary user group mode
>
>Where "whodoneit" is either the package name responsible for installing the
>settings or "user" for a user override.

I don't see the need for the whodoneit field.  I think the behavor of
suidregister should be to preserve any settings found in
/etc/suid.conf.  No package should override the settings ever.  The
package can ask for the proper settings on initial installation, but
would rely on /etc/suid.conf thereafter.

>Example line:
>
>sendmail /usr/bin/sendmail root mail 2755
>
>Example override:
>
>user /usr/bin/sendmail root root 4755 
>
>
>Registering a binary (from postinst or an administrator modifying settings):
>---------------------------------------------------------------------------
>
>suidregister [options] binary user group mode
>
>will modify the binary to have the given user group and mode.
>
>where options can be:
>
>-f		Force. A package does not allow the user to override settings. Enforce the
>        	setting at all times. If a "user" line is present in /etc/suid.conf erase it.

No.  I don't think a -f option is appropriate.  I don't want any
package to use this feature ... ever!

>-s <Package>	Standard settings for a package. This option must always be given if a package
>		installs a setuid binary.
>
>Calling suidregister without any options will simply verify that all the
>settings are the way indicated in the config file. It gives warnings and
>corrects each file not set up correctly.

This would be way cool!  It could be run in cron.daily.

>Unregistering binaries (from postrm):
>-------------------------------------
>suidunregister binary
>
>
>Example:
>
>The postinst of sendmail could do the following:
>
>suidregister -s sendmail /usr/bin/sendmail root mail 2755
>
>
>And the postrm:
>
>suidunregister /usr/bin/sendmail

-- 
Christopher J. Fearnley            |    Linux/Internet Consulting
cjf@netaxs.com, cjf@onit.net       |    UNIX SIG Leader at PACS
http://www.netaxs.com/~cjf         |    (Philadelphia Area Computer Society)
ftp://ftp.netaxs.com/people/cjf    |    Design Science Revolutionary
"Dare to be Naive" -- Bucky Fuller |    Explorer in Universe

--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

Reply to:

Follow-Ups:
- Re: Suid Manager Proposal
  - From: Christoph Lameter <clameter@waterf.org>
- Re: Suid Manager Proposal
  - From: Christoph Lameter <clameter@waterf.org>

References:
- Suid Manager Proposal
  - From: Christoph Lameter <clameter@waterf.org>

Prev by Date: Re: dpkg-gencontrol problems
Next by Date: standard for web servers
Previous by thread: Suid Manager Proposal
Next by thread: Re: Suid Manager Proposal
Index(es):
- Date
- Thread