Re: If you care about debian's security read this
On Sun, Mar 03, 2002 at 10:52:28PM -0300, Gustavo Noronha Silva wrote:
> On 03 Mar 2002 19:25:39 -0500
> Jeff Licquia <licquia@debian.org> wrote:
>
> > On Sun, 2002-03-03 at 06:13, Gustavo Noronha Silva wrote:
> > > gnome-sudo and configlet's maintainers are trying to let a root hole
> > > go in woody
> >
> > Translation: "Jeff and I have a difference of opinion, but instead of
> > debating it nicely, I'm going to slander his reputation in public.
> > That'll teach him to cross me!"
> by the way, I don't want to attack anyone personally... I think the work
> you guys do is great... but I'm worried about gnome-sudo... I wouldn't like
> to see it on Debian the way it is, that's it...
OK.
So you need to acknowledge that gnome-sudo doesn't do what you thought
(or hoped) it did. It doesn't restrict access to a subset of possible
commands.
That is not a root hole, any more than 'sudo' itself is a root hole,
since sudo allows people to set up root access for any user, or chmod
is a root hole since it allows root to make setuid root shells.
This is not a security hole, or a bug. It is simply a program
provided more limited functionality than you hoped. (and if your hope
was motivated by the name of the program, assuming it would have all
the features of sudo, then I quite understand, I would probably have
made the same initial assumption). I hope the way it does in fact
operate is clearly documented.
But you have presented no reason to exclude it from woody.
Jules
Reply to: