Re: our broken man package

To: debian-devel@lists.debian.org, Joey Hess <joeyh@debian.org>, man-db@packages.debian.org
Subject: Re: our broken man package
From: Nicolás Lichtmaier <nick@debian.org>
Date: Fri, 5 Jan 2001 01:09:17 -0300
Message-id: <[🔎] 20010105010916.A1083@debian.org>
In-reply-to: <[🔎] 20010103223319.N28241@plato.local.lan>; from erbenson@alaska.net on Wed, Jan 03, 2001 at 10:33:19PM -0900
References: <[🔎] 20010103152303.A6251@kitenet.net> <[🔎] 20010103223319.N28241@plato.local.lan>

> the problem with this is you end up with the catman files owned by
> whatever user reads whatever man page.  personally as a sysadmin i
> don't want users gaining write permission to files in any more places
> under /var then there already is (ahem texmf).  i am not certain if
> there is potential security threats to users being able to write bogus
> catman files, perhaps via groff tricks there is.  

 There could be a helper setuid program, man-cache-writer. man would call
this program and pipe it the catpage. man-cache-writer would just write it's
stding to the proper place. End of the problems.

Reply to:

Follow-Ups:
- Re: our broken man package
  - From: Michael Stone <mstone@debian.org>

References:
- our broken man package
  - From: Joey Hess <joeyh@debian.org>
- Re: our broken man package
  - From: Ethan Benson <erbenson@alaska.net>

Prev by Date: find/locate both segfault after today's update [unstable]
Next by Date: Re: find/locate both segfault after today's update [unstable]
Previous by thread: Re: our broken man package
Next by thread: Re: our broken man package
Index(es):
- Date
- Thread