[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: setuid/setgid binaries contained in the Debian repository.



On Fri, Aug 01, 2003 at 11:34:11AM +0200, Tollef Fog Heen wrote:
> * Steve Kemp 
> 
> | On Fri, Aug 01, 2003 at 08:20:08AM +0200, Tollef Fog Heen wrote:
> | 
> | > what's wrong with a low-priority debconf question with a sane default?
> | 
> |   Absolutely nothing at all, but it's a slippery slope, and I thought
> |  we were tending towards less interactivity in installations?
> 
> which is why I said «low priority»:
> 
> 'critical' only prompts you if the system might break.
>            Pick it if you are a newbie, or in a hurry.
> 'high' is for rather important questions
> 'medium' is for normal questions
> 'low' is for control freaks who want to see everything
> 
> If you select low, you will have to drink off the fire hose.  Having
> low-priority questionsis good, since it makes it easy to make
> customized installs with preloaded answers.

The only question I would have about it is that every potentially-sgid game
package would need to share the question (so that it only got asked once,
but was available whenever needed) - organizing that could be a bit tricky,
I would think.

Certainly I think it would be one of the more reasonable uses of shared
debconf stuff - one question, low priority, a sane default of not being
sgid, and assuming packages used something proper (er, dpkg-statoverride?)
to register the sgid bit, it doesn't matter if you blow away the answer
cache - you can look at the existing state and find out what you need to
know (or, presumably, override it).
-- 
Joel Baker <fenton@debian.org>

Attachment: pgphpsgK9xNHG.pgp
Description: PGP signature


Reply to: