[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: shellutils grave bug

> > Found the problem: the slink version of debhelper didn't strip the
> > setuid bit from executables, the current potato version does.  Fix:
> >   dh_fixperms -Xbin/su
> > 
> > NMU is currently in progress.
> That or use dh_suidregister.
> That is what I did in my own local copy of shellutils (way back when glibc2.1
> first came out w/ utmpd, and who and w didn't work)

I thought about that, but decided against it: su is a little too
important IMHO to trust to the vagaries of shell scripts.  If
something breaks with suidregister or whatever -- whoosh! no /bin/su.
If a sysadmin wants something more secure or whatever, he should look
into secure-su.

But it's not my package; I've just uploaded a usable version, and it's
up to the maintainer where to go from here.



  Julian Gilbey, Dept of Maths, QMW, Univ. of London. J.D.Gilbey@qmw.ac.uk
        Debian GNU/Linux Developer,  see http://www.debian.org/~jdg

Reply to: