Re: Bits from the release team: the plans for etch

To: Thomas Bushnell BSG <tb@becket.net>
Cc: Marc Haber <mh+debian-devel@zugschlus.de>, debian-devel@lists.debian.org
Subject: Re: Bits from the release team: the plans for etch
From: Stephen Frost <sfrost@snowman.net>
Date: Wed, 26 Oct 2005 14:13:28 -0400
Message-id: <[🔎] 20051026181328.GY6026@ns.snowman.net>
Mail-followup-to: Thomas Bushnell BSG <tb@becket.net>, Marc Haber <mh+debian-devel@zugschlus.de>, debian-devel@lists.debian.org
In-reply-to: <[🔎] 87d5ls2lv4.fsf@becket.becket.net>
References: <[🔎] 20051025202118.GA10290@javifsp.no-ip.org> <[🔎] E1EUecU-0004QS-NV@scyw00225.scy001.de> <[🔎] 20051026091100.GA3940@javifsp.no-ip.org> <[🔎] E1EUiKp-0005zI-4A@scyw00225.scy001.de> <[🔎] 20051026130749.GO6026@ns.snowman.net> <87d5lss2md.fsf@becket.becket.net> <[🔎] 20051026160420.GS6026@ns.snowman.net> <[🔎] 87psps5fvw.fsf@becket.becket.net> <[🔎] 20051026175131.GX6026@ns.snowman.net> <[🔎] 87d5ls2lv4.fsf@becket.becket.net>

* Thomas Bushnell BSG (tb@becket.net) wrote:
> Stephen Frost <sfrost@snowman.net> writes:
> > Same way you know that the system administrator hasn't modified a file
> > in /usr/bin.
> 
> Um, I know that by comparing the contents against a known-true
> version.  How do I detect whether the system administrator has used a
> UID?

Except last I checked, we don't do such comparison.  If you really
wanted to know if the UID was used you could do a find /, etc.  Neither
is necessary though, which is the point.

> Moreover, the consequences of getting the one wrong are that you
> delete the sysadmin's changes.  The consequences of the other are an
> important and difficult-to-detect security hole.

This is just patently false, as has been pointed out elsewhere.  What
security hole, exactly, is created by orphaning a file?

	Thanks,

		Stephen

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: Bits from the release team: the plans for etch
  - From: Andreas Barth <aba@not.so.argh.org>
- Re: Bits from the release team: the plans for etch
  - From: Thomas Bushnell BSG <tb@becket.net>

References:
- Re: Bits from the release team: the plans for etch
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>
- Re: Bits from the release team: the plans for etch
  - From: Marc Haber <mh+debian-devel@zugschlus.de>
- Re: Bits from the release team: the plans for etch
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>
- Re: Bits from the release team: the plans for etch
  - From: Marc Haber <mh+debian-devel@zugschlus.de>
- Re: Bits from the release team: the plans for etch
  - From: Stephen Frost <sfrost@snowman.net>
- Re: Bits from the release team: the plans for etch
  - From: Stephen Frost <sfrost@snowman.net>
- Re: Bits from the release team: the plans for etch
  - From: Thomas Bushnell BSG <tb@becket.net>
- Re: Bits from the release team: the plans for etch
  - From: Stephen Frost <sfrost@snowman.net>
- Re: Bits from the release team: the plans for etch
  - From: Thomas Bushnell BSG <tb@becket.net>

Prev by Date: Re: Bits from the release team: the plans for etch
Next by Date: Re: Bits from the release team: the plans for etch
Previous by thread: Re: Bits from the release team: the plans for etch
Next by thread: Re: Bits from the release team: the plans for etch
Index(es):
- Date
- Thread