Il mer, 2002-02-06 alle 14:39, Kevin B. McCarty ha scritto: > It would be useful to many people if regular users could install Debian > packages into their home directories, but this would take an immense > amount of effort to make practical. This suggestion might be the next > best thing. Assuming that security issues could be resolved, make apt-get > and/or dpkg setuid root so that the following could be implemented: > > * Any user can install a package, except when: > 1) it would Conflict: with a package already installed by root > or by a different user > 2) it would make the amount of free space available on any > partition less than some absolute size and/or percentage, > specifiable by root in a conf-file > 3) it appears in a list of packages that root specifies may NOT > be user-installed (/etc/packages.deny) the user prepares a nice package with a well-chosen name and put inside a suid shell and install it. wow! root shell gained without any effort! nice idea... :( > 4) it does NOT appear in a list of packages that root specifies > may be installed (/etc/packages.allow) if root can forsee the packages a user will need, she can install them now! hd are so cheap nowdays... [snipped the rest of this *very bad* idea.] giving access to dpkg to a user is just like giving it the password to the root account. why don't you just use sudo? -- Federico Di Gregorio Debian GNU/Linux Developer & Italian Press Contact fog@debian.org INIT.D Developer fog@initd.org Qu'est ce que la folie? Juste un sentiment de liberté si fort qu'on en oublie ce qui nous rattache au monde... -- J. de Loctra
Attachment:
pgpB72GCbY3YC.pgp
Description: PGP signature