[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: dpkg-statoverride vs. suidmanager

Wichert Akkerman wrote:
> Previously Joey Hess wrote:
> > I think there are still questions about how to transition a package from
> > suidregistered binaries to statoverridden binaries. After all, you don't
> > want whatever the user did with suidregister to be forgotten when they
> > upgrade..
> 
> How about dpkg 1.8 will read /etc/suid.conf and import it into the
> statoverride database? I could do that pretty easily.

What happens to packages that continue to use suidregister after that,
though? I guess suidregister in the postinst will override statoverride.
So:

1. foo is suid by default, and suidregistered
2. dpkg upgrade happens, so it is not statoverridden to suid
3. user makes foo non-suid, updates /etc/suid.conf
4. foo's package is converted to just use statoverride, so the changes
   from 3. are lost.

-- 
see shy jo
Reply to: