[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Uploaded faqomatic 2.506-2 (source all) to master

On Thu, 12 Feb 1998, Richard Roberto wrote:

> > Well, if fom is just a Perl script than I suggest moving the variable code
> > (e.g., variables) into a conffile /etc/fomrc (or similar) and include this
> > file within fom with "require '/etc/fomrc';" Does this solve the problem?
> > 
> > 
> fom is already a small stub.  Making it a much larger, more complex
> script just to meet an esoteric "conf file" policy seems rediculous.
> Besides it needing to untaint any external data, it may also need to
> run a different binary, depending on if you use a standard perl
> binary or the debian method.  This is for people who want (or need)
> to run the script setid (or run a setid embedded interpreter).  Am I
> off base on this?
> Perhaps the script isn't what needs tweaking, but rather the policy?

No. The reason for the policy is that /usr might be mounted read-only and
then, the sysadmin would never get a chance to modify this file. (Since
it's tagged as conffile, it can be assumed that modfying the file will
sometimes be necessary/useful.)

Just think of a network where /usr is mounted read-only from a NFS server
or even from a live CD-installation.



--                  Christian Schwarz
                     schwarz@monet.m.isar.de, schwarz@schwarz-online.com,
Debian has a logo!    schwarz@debian.org, schwarz@mathematik.tu-muenchen.de
Check out the logo     PGP-fp: 8F 61 EB 6D CF 23 CA D7  34 05 14 5C C8 DC 22 BA
pages at  http://fatman.mathematik.tu-muenchen.de/~schwarz/debian-logo/

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to: