Re: setuid/setgid binaries contained in the Debian repository.

To: debian-devel@lists.debian.org
Subject: Re: setuid/setgid binaries contained in the Debian repository.
From: Bernd Eckenfels <lists@lina.inka.de>
Date: Sun, 3 Aug 2003 00:45:09 +0200
Message-id: <[🔎] 20030802224509.GA21542@lina.inka.de>
In-reply-to: <[🔎] 87u18zognf.fsf@glaurung.green-gryphon.com>
References: <[🔎] 20030801174648.GA17424@dragon.kitenet.net> <[🔎] 873cgldw5e.fsf@glaurung.green-gryphon.com> <[🔎] 20030802011210.GA14970@dragon.kitenet.net> <[🔎] 87u190r7ur.fsf@glaurung.green-gryphon.com> <[🔎] 20030802170909.GZ24128@alcor.net> <[🔎] 87r844osq5.fsf@glaurung.green-gryphon.com> <[🔎] 20030802185016.GH24128@alcor.net> <[🔎] 87y8ybooek.fsf@glaurung.green-gryphon.com> <[🔎] 20030802204424.GA14729@lina.inka.de> <[🔎] 87u18zognf.fsf@glaurung.green-gryphon.com>

On Sat, Aug 02, 2003 at 05:09:56PM -0500, Manoj Srivastava wrote:
> 	It is? OK, I am telling you /usr/bin/bar program in package
>  foo really needs to be sgid. I'll document it in bar.6. Is this the
>  end of discussion? Or are we going to really need to look at the code
>  to see if the setgidness can be worked around? 

It is the minimum I would expect from a good package, of course it can be
done much better.

Personally I do not care much about the games, because I expect them to be
unsecure and simply do not install them on important servers with multiple
users. However I can understand admins who want to maintain a friendly user
environemnt, and we should serve them by allowing "chmod g-s /usr/games/*".

BTW: anband is playable without sgid, but since I do not manage to get past
level 1 i am nor sure what kind of implications this has :)

Greetings
Bernd
-- 
  (OO)      -- Bernd_Eckenfels@Wendelinusstrasse39.76646Bruchsal.de --
 ( .. )  ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
  o--o     *plush*  2048/93600EFD  eckes@irc  +497257930613  BE5-RIPE
(O____O)  When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!

Reply to:

References:
- Re: setuid/setgid binaries contained in the Debian repository.
  - From: Joey Hess <joeyh@debian.org>
- Re: setuid/setgid binaries contained in the Debian repository.
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: setuid/setgid binaries contained in the Debian repository.
  - From: Joey Hess <joeyh@debian.org>
- Re: setuid/setgid binaries contained in the Debian repository.
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: setuid/setgid binaries contained in the Debian repository.
  - From: Matt Zimmerman <mdz@debian.org>
- Re: setuid/setgid binaries contained in the Debian repository.
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: setuid/setgid binaries contained in the Debian repository.
  - From: Matt Zimmerman <mdz@debian.org>
- Re: setuid/setgid binaries contained in the Debian repository.
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: setuid/setgid binaries contained in the Debian repository.
  - From: Bernd Eckenfels <lists@lina.inka.de>
- Re: setuid/setgid binaries contained in the Debian repository.
  - From: Manoj Srivastava <srivasta@debian.org>

Prev by Date: Re: setuid/setgid binaries contained in the Debian repository.
Next by Date: Re: setuid/setgid binaries contained in the Debian repository.
Previous by thread: Re: setuid/setgid binaries contained in the Debian repository.
Next by thread: [OT:HUMOR] Re: setuid/setgid binaries contained in the Debian repository.
Index(es):
- Date
- Thread