Re: Uploaded faqomatic 2.506-2 (source all) to master
On Thu, 12 Feb 1998, Christian Schwarz wrote:
> On Thu, 12 Feb 1998, Richard Roberto wrote:
>
> [snip]
> > > Well, if fom is just a Perl script than I suggest moving the variable code
> > > (e.g., variables) into a conffile /etc/fomrc (or similar) and include this
> > > file within fom with "require '/etc/fomrc';" Does this solve the problem?
> > >
> > >
> > fom is already a small stub. Making it a much larger, more complex
> > script just to meet an esoteric "conf file" policy seems rediculous.
> > Besides it needing to untaint any external data, it may also need to
> > run a different binary, depending on if you use a standard perl
> > binary or the debian method. This is for people who want (or need)
> > to run the script setid (or run a setid embedded interpreter). Am I
> > off base on this?
> >
> > Perhaps the script isn't what needs tweaking, but rather the policy?
>
> No. The reason for the policy is that /usr might be mounted read-only and
> then, the sysadmin would never get a chance to modify this file. (Since
> it's tagged as conffile, it can be assumed that modfying the file will
> sometimes be necessary/useful.)
>
> Just think of a network where /usr is mounted read-only from a NFS server
> or even from a live CD-installation.
The point is that it would only be modified once, when set up. Certainly
not any more frequently than one would mount /usr read-write to update it.
In any case, this discussion is pretty much moot as I've hacked the fom
file to use /etc/fom.conf in the 2.506-3 release.
(note, I will consider unhacking it if there is enough demand from people
who actually use the package)
--
Scott K. Ellis <storm@gate.net> http://www.gate.net/~storm/
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: