Re: setuid/setgid binaries contained in the Debian repository.
On Fri, 1 Aug 2003 13:46:48 -0400, Joey Hess <joeyh@debian.org> said:
> Here's a draft policy proposal. If this looks ok I'll submit it to
> the policy group.
> Proposal: [DRAFT] require peer review for setuid and setgid program
> introduction
> Setuid and setgid programs are one of the main causes of security
> holes and DSA's in Debian. Often these holes can be spotted easily
> with a simple review. Sometimes setuid/gid programs can be modified
> in fairly simple ways to not need these dangerous permissions at
> all. A few well-trained eyes looking over a package before it goes
> into the distribution and becomes a security risk can make all the
> difference.
> So, I propose that any new setuid or setgid programs should be
> reviewed by a team of interested people before being put into the
> distribution. In discussions on debian-devel, we agreed this was a
> good idea, and that debian-security is the appropriate list for
> these reviews. The reviewers will be whoever is interested, which
> currently includes at least one member of the security team, and one
> of our most prolific security auditors.
> Note the parallel with the existing requirement that essential
> packages be discussed on debian-devel.
This seems like a good practice kind of recommendation, not a
requirement, and as such, may be better suited to be included
in developers reference rather than policy, don't you think?
manoj
--
The Bird of Time has but a little way to fly ... and the bird is on
the wing. Omar Khayyam
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C