Re: shellutils grave bug
Package: shellutils
Version: 1.16-6.5+
Severity: wishlist
Good point; putting it in the shellutils package as a wishlist bug.
Julian
> James Troup <james@nocrew.org> writes:
>
> > Julian Gilbey <J.D.Gilbey@qmw.ac.uk> writes:
> >
> > > Four or five bug reports have just been submitted because the i386
> > > port of shellutils (just uploaded by the autobuilder, I would guess
> > > -- haven't checked) has a non-setuid-root su.
> >
> > Sorry, about this. FWIW, I do test install all daemon built base
> > packages (regardless of architecture) before uploading them, I just
> > didn't catch this (and wouldn't, I never/rarely run an unsudoed su).
>
> Can I use this opportunity to suggest that you add the following test
> script to shellutils:
>
> ---</usr/lib/debian-test/tests/shellutils>---
> #!/usr/bin/perl
>
> use Debian::DebianTest ;
>
> sub test_su_perms {
> my ($dev,$inode,$mode,@therest) = stat("/bin/su") ;
>
> printf "/bin/su's mode = 0%o\n", $mode ;
>
> return (0104755 == $mode) ;
> }
>
> runtest("/bin/su perms", \&test_su_perms) ;
> ---------------------------------------------
>
> and install the debian-test package, and run ``debian-test -a'' after
> your test install.
>
> I know the current battery of tests is totally feeble, but until people
> start adding tests like this whenever bugs pop up, they're going to
> stay feeble.
>
> If on the other hand simple tests like this are added, as bugs occur,
> we can pretty much guarantee we'll only see each bug once.
>
> Cheers, Phil.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Julian Gilbey, Dept of Maths, QMW, Univ. of London. J.D.Gilbey@qmw.ac.uk
Debian GNU/Linux Developer, see http://www.debian.org/~jdg
Reply to: