Re: setuid/setgid binaries contained in the Debian repository.

Steve Kemp wrote:
> On Thu, Jul 31, 2003 at 12:55:28PM -0400, Joey Hess wrote:
> > I'd like to see us move all of our setgid games (except, perhaps,
> > nethack) away from using global score files by default. 
>   I think that should be a good option, but I can see several 
>  games that might suffer by it.

Right, such as nethack. Not many though.

>   I'm loath to ask the user if it should be setgid in the installer
>  because that's just needless distraction, but perhaps some global
>  'setgidness' setting could be stored in /etc/games?

I just threw something in README.Debian and NEWS.Debian about it for

> > I also think it would be a good idea for policy to require all
> > setuid/gid bit grants to go through this or another list for peer
> > review, much as pre-depends are supposed to.
>   I was thinking of approaching that problem a different way.
>   In the same way that apt-listchanges shows a package's changelog
>  at install time, I could see a script 'apt-listsetuid' which would
>  warn the admin at install time if any new setuid/setgid applications
>  were being installed.
>   (Optionally with the option to remove such bits on a global or per
>  package basis).
>   I've thought this several times, but never quite gotten around to
>  writing the code - if there was any interest I would.

That might have more or less the same effect, if developers are the ones
who run the script. I don't feel this would be very useful for users

see shy jo
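
The install-time check discussed above can be sketched as a filter over a `dpkg-deb -c` listing. This is an added example, not part of the original message and not an existing Debian tool; the names `list_setid` and `sample_listing`, the baseline file of already-reviewed paths, and the sample listing are all constructed for illustration.

```shell
#!/bin/sh
# Hypothetical helper: report setuid/setgid entries in a package listing.
# Input (stdin): output of `dpkg-deb -c package.deb`.
# Optional $1: baseline file, one already-reviewed path per line; those
# entries are suppressed so only new grants are reported.
list_setid() {
    baseline=${1:-/dev/null}
    awk -v baseline="$baseline" '
    BEGIN { while ((getline line < baseline) > 0) known[line] = 1 }
    {
        mode = $1
        type = substr(mode, 1, 1)
        # Only regular files and directories can carry meaningful bits here.
        if (type != "-" && type != "d") next
        u = substr(mode, 4, 1)   # owner execute slot: s/S means setuid
        g = substr(mode, 7, 1)   # group execute slot: s/S means setgid
        flags = ""
        if (u == "s" || u == "S") flags = "setuid"
        if (g == "s" || g == "S") flags = (flags == "" ? "setgid" : flags "+setgid")
        if (flags == "") next
        # Path is field 6 onward; rejoin in case it contains spaces.
        path = $6
        for (i = 7; i <= NF; i++) path = path " " $i
        sub(/ link to .*$/, "", path)   # hard-link entries name their target
        if (path in known) next
        print flags, $2, path
    }'
}

# Constructed sample in the format printed by `dpkg-deb -c`.
sample_listing() {
    cat <<'EOF'
drwxr-xr-x root/root         0 2003-07-31 12:55 ./usr/games/
-rwxr-sr-x root/games    48212 2003-07-31 12:55 ./usr/games/examplegame
-rwsr-xr-x root/root     20480 2003-07-31 12:55 ./usr/bin/examplehelper
-rwxr-xr-x root/root      9120 2003-07-31 12:55 ./usr/bin/exampletool
lrwxrwxrwx root/root         0 2003-07-31 12:55 ./usr/bin/eg -> ../games/examplegame
drwxrwsr-x root/games        0 2003-07-31 12:55 ./var/games/examplegame/
EOF
}

# Usage: dpkg-deb -c package.deb | list_setid reviewed-paths.txt
```

The owner/group column is printed because a setgid-games binary and a setuid-root binary call for very different levels of review.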

