Re: Packages' use of dpkg-statoverride

To: debian-devel@lists.debian.org
Subject: Re: Packages' use of dpkg-statoverride
From: Matt Zimmerman <mdz@debian.org>
Date: Fri, 12 Jan 2001 11:14:48 -0500
Message-id: <[🔎] 20010112111445.F8682@alcor.net>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 20010111193222.F28994@cistron.nl>; from wichert@valinux.com on Thu, Jan 11, 2001 at 07:32:22PM +0100
References: <[🔎] 20010110175215.A9409@pisces.woot.net> <[🔎] 20010111003311.G10966@cistron.nl> <[🔎] 20010111115944.R8682@alcor.net> <[🔎] 20010111180318.D23427@cistron.nl> <[🔎] 20010111121221.T8682@alcor.net> <[🔎] 20010111131759.A13804@pisces.woot.net> <[🔎] 20010111132429.Y8682@alcor.net> <[🔎] 20010111193222.F28994@cistron.nl>

On Thu, Jan 11, 2001 at 07:32:22PM +0100, Wichert Akkerman wrote:

> Previously Matt Zimmerman wrote:
> > As I said in my original message, to avoid a problem like this, all binaries
> > should be shipped non-suid, and optionally overridden to suid.
> 
> You should ship it in the most often used configuration, and set the
> override beforehand if needed. That way you don't get unexpected breakage
> if for some reason the install dies halfway through or takes very long.
> 
> I've seen lots of people complain about things like ping suddenly no
> longer being suid. statoverrides give us a way to close that window
> of brokenness - we have to us it.

It seems like we have to choose between a possible unwanted window of
non-suidness and a possible unwanted window of suidness.  I would choose the
former anyday.  Once the package has been installed for the first time, the
override should ensure that the permissions stay the same through future
upgrades.

Do users really expect a package to work before it has been installed and
configured for the first time?

-- 
 - mdz

Reply to:

Follow-Ups:
- Re: Packages' use of dpkg-statoverride
  - From: Edward Betts <edward@debian.org>
- Re: Packages' use of dpkg-statoverride
  - From: kaih@khms.westfalen.de (Kai Henningsen)

References:
- Packages' use of dpkg-statoverride
  - From: Joe Drew <hoserhead@woot.net>
- Re: Packages' use of dpkg-statoverride
  - From: Wichert Akkerman <wichert@valinux.com>
- Re: Packages' use of dpkg-statoverride
  - From: Matt Zimmerman <mdz@debian.org>
- Re: Packages' use of dpkg-statoverride
  - From: Wichert Akkerman <wichert@valinux.com>
- Re: Packages' use of dpkg-statoverride
  - From: Matt Zimmerman <mdz@debian.org>
- Re: Packages' use of dpkg-statoverride
  - From: Joe Drew <hoserhead@woot.net>
- Re: Packages' use of dpkg-statoverride
  - From: Matt Zimmerman <mdz@debian.org>
- Re: Packages' use of dpkg-statoverride
  - From: Wichert Akkerman <wichert@valinux.com>

Prev by Date: Re: Developer Behavior
Next by Date: Re: ITP: tmake
Previous by thread: Re: Packages' use of dpkg-statoverride
Next by thread: Re: Packages' use of dpkg-statoverride
Index(es):
- Date
- Thread