[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: setuid/setgid binaries contained in the Debian repository.

On Fri, Aug 01, 2003 at 01:46:48PM -0400, Joey Hess wrote:

> Here's a draft policy proposal. If this looks ok I'll submit it to the
> policy group.

Thanks for doing this.  It looks fine, with the exception of a small typo:

> +          Since setuid and setgid programs are often a security rick,
                                                                   ^ risk

If we could come up with a standard way of setting these permissions, to
avoid the kind of messing around in the postinst that we do now, it would be
trivial to add lintian/linda warnings for this, to encourage maintainers to
discuss the situation before uploading.  doogie, asuffield and I discussed
this on IRC recently.

 - mdz

Reply to: