Re: Bug#27050 (fdutils): A cause for security concern?

To: debian-devel@lists.debian.org
Subject: Re: Bug#27050 (fdutils): A cause for security concern?
From: Joey Hess <joey@kitenet.net>
Date: Thu, 21 Jan 1999 22:01:11 -0800
Message-id: <[🔎] 19990121220111.K27967@kitenet.net>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 19990119230411.C6726@visi.net>; from Ben Collins on Tue, Jan 19, 1999 at 11:04:11PM -0500
References: <[🔎] Pine.A41.3.96.990119141915.52336A-100000@gpu5.srv.ualberta.ca> <[🔎] 19990119164337.B6726@visi.net> <[🔎] 19990119171601.C15042@worldvisions.ca> <[🔎] 19990120141859.A3200@sacrifice> <[🔎] 19990119230411.C6726@visi.net>

Ben Collins wrote:
> Any program that is suid or sgid for no reason what-so-ever is always a
> reason for a bug report, especially if it's suid root...we need some
> automatic catch for new packages that have suid or sgid binaries in
> them, or call suidregister.

Lintian can serve as a check for the former case. See
http://master.debian.org/~dark/lintian/reports/Tsetuid-binary.html

I don't think it handles suidmanager yet.

-- 
see shy jo

Reply to:

References:
- Bug#27050 (fdutils): A cause for security concern?
  - From: Anthony Fok <foka@ualberta.ca>
- Re: Bug#27050 (fdutils): A cause for security concern?
  - From: Ben Collins <bmc@visi.net>
- Re: Bug#27050 (fdutils): A cause for security concern?
  - From: Avery Pennarun <apenwarr@worldvisions.ca>
- Re: Bug#27050 (fdutils): A cause for security concern?
  - From: Robert Donn <squirk@ihug.co.nz>
- Re: Bug#27050 (fdutils): A cause for security concern?
  - From: Ben Collins <bmc@visi.net>

Prev by Date: Re: Bug#27050 (fdutils): A cause for security concern?
Next by Date: Re: Intent to package rolldice, blackjack
Previous by thread: Re: Bug#27050 (fdutils): A cause for security concern?
Next by thread: Re: Bug#27050 (fdutils): A cause for security concern?
Index(es):
- Date
- Thread