
Re: Bits from the release team: the plans for etch



Stephen Frost <sfrost@snowman.net> writes:

> * Thomas Bushnell BSG (tb@becket.net) wrote:
>> Stephen Frost <sfrost@snowman.net> writes:
>> > By knowing what the package uses the user for.  This is somewhat akin to
>> > the PostgreSQL package's question "do you want your data files to be
>> > purged upon package removal", or the fact that the default Postgres
>> > installation uses ident and the 'postgres' user is the superuser for the
>> > database (meaning you're going to be su'ing to postgres probably a fair
>> > bit).
>> 
>> How do you know that the system administrator hasn't chowned a file to
>> that UID?
>
> Same way you know that the system administrator hasn't modified a file
> in /usr/bin.

Um, I know that by comparing the contents against a known-true
version.  How do I detect whether the system administrator has used a
UID?

Moreover, the consequences of getting the one wrong are that you
delete the sysadmin's changes.  The consequences of the other are an
important and difficult-to-detect security hole.

Thomas


