
Re: setuid/setgid binaries contained in the Debian repository.



On Sat, Aug 02, 2003 at 12:49:06PM -0500, Manoj Srivastava wrote:

> On Sat, 2 Aug 2003 13:09:09 -0400, Matt Zimmerman <mdz@debian.org> said: 
> > No, we are talking about recommending that developers discuss with other
> > developers before making a change to their package which is
> 
> 	So, we do not need to discuss this if there is no change being made,
> 	ie, packages which are already setgid games? Or if the package being
> 	newly inducted depends on being sgid?

First, no one would _need_ to discuss this because it is only a
recommendation (though a wise one).  Second, your comment about the package
depending on being setid is irrelevant.  Obviously, no program which does
NOT depend on being setid should be made setid, but it should be discussed
in any case.  Often, I believe that the discussion will determine whether or
not it truly depends on being setid.

> > likely to affect the security of every system where the package is
> > installed.  File permissions and program privileges are clearly a
> > packaging matter.  What is the nature of your objection?
> 
> 	You are being disengenuous. If a program needs to write files
>  shared by other users when it is run (save files, high score files,
>  macro definitions), and uses a group writable directory (after taking
>  precautions internally that the files being written ought to be
>  written to, etc), just changing the file permissions without changing
>  the program shall render the program unusable. 

I do not understand why you are presenting such hostile opposition to a
well-intentioned proposal for recommending discussion.

A dictionary both would tell you the correct spelling of the word
"disingenuous", and demonstrate that it does not accurately describe my
words which you quoted above.

You, on the other hand, seem to be misrepresenting or misunderstanding me.
Let me clarify very explicitly:

I AM PROPOSING THAT:

- The policy manual include a recommendation for discussion on debian-devel
  before a new setuid or setgid program is added to the Debian archive,
  whether included for the first time or by change of permission on an
  existing program

YOU APPEAR TO BE IMPLYING THAT I AM PROPOSING THAT:

- Programs be rendered unusable by changing file permissions
- Directories be made world-writable

Absolutely none of the statements listed under the heading "YOU APPEAR TO BE
IMPLYING THAT I AM PROPOSING THAT" are true.  The statement listed under the
heading "I AM PROPOSING THAT" is true.  I hope this helps to avoid any
further confusion.

> 	Making the dir world writable is not a solution, and indeed,
>  is worse for security.

What are you talking about?  The proposal was to recommend discussion; there
was no proposal of world writable directories of any kind.

-- 
 - mdz


