Re: Bug#4051: access permissions for /usr/bin/fdmount
Daniel Quinlan writes:
>> Package: fdutils
>> Version: 4.3-3
>>
>> /usr/bin/fdmount should be mode 4755, not 4750.
Michael Meskes <meskes@informatik.rwth-aachen.de> writes:
> I agree that the installation is not correct, but I doubt mode 4755
> is a solution. I for one don't like the idea that everyone is able
> to access my floppy drive. Since the Debian standard installation
> for floppy devices is mode 660 with owner root and group floppy I
> propose to use the same owner/group combination for fdmount.
>
> Any comments before I create a new version?
Use geteuid(2) and/or use a configuration file that says who has
access. Using permissions alone to dictate who has access to
*running* the binary is bad, IMHO, and I think the Debian package
guidelines agree (unless they've been changed). Even worse, it's a
`4750' binary in /bin -- so users are getting "permission denied"
errors for something in their path.
Dan
Reply to: