[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bits from the release team: the plans for etch

Stephen Frost <sfrost@snowman.net> writes:

> * Thomas Bushnell BSG (tb@becket.net) wrote:
>> Stephen Frost <sfrost@snowman.net> writes:
>> > By knowing what the package uses the user for.  This is somewhat akin to
>> > the PostgreSQL package's question "do you want your data files to be
>> > purged upon package removal", or the fact that the default Postgres
>> > installation uses ident and the 'postgres' user is the superuser for the
>> > database (meaning you're going to be su'ing to postgres probably a fair
>> > bit).
>> How do you know that the system administrator hasn't chowned a file to
>> that UID?
> Same way you know that the system administrator hasn't modified a file
> in /usr/bin.

Um, I know that by comparing the contents against a known-true
version.  How do I detect whether the system administrator has used a

Moreover, the consequences of getting the one wrong are that you
delete the sysadmin's changes.  The consequences of the other are an
important and difficult-to-detect security hole.


Reply to: