Re: Proposed policy on set-id programs
On Fri, 22 Nov 96 07:05 GMT, Ian Jackson writes:
>A Debian package may contain set-id programs only if approved by one
>of the Debian security reviewer(s) who is satisfied that:
>
>* If the program is set-gid (not set-uid) to a non-security-critical,
> non-core group such as games:
> - That this does not pose a significant risk to the remainder of the
> system.
Maybe its due to that English is not my first language, but in my
understanding, the sentence should read:
* If the program is set-gid (not set-uid) to a security-critical,
non-core group:
...
Or is games viewed as security-critical? And what happens with the
non-security setgid programs?
David
--
David Frey <david@eos.lugs.ch> |Microsoft isn't the answer...it's the QUESTION.
Schlieren, Switzerland |``No'' is the answer.
51F35923114FC8647D05FF173C61EFDE|Use Debian GNU/Linux!
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com
Reply to: