[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Adding file permissions to /var/lib/dpkg/*.list

On Sat, 05 May 2007 18:03:18 +0200, Conrado Buhrer wrote:
> Well, some guy entered our chat channel #linux on IRCnet with having run
> a script he made to recursively set permissions on a directory tree.
> Unfortunately he broke his whole distribution. Its a common newbie
> mistake to change permissions without thinking about the consequences.
> On debian you could not write a script on your own to fix this without
> having to download every package again, or packages on a cd, etc.

If he had relaxed permissions, then in the intervening time an attacker 
could have altered files and so on, in which case he's hosed anyway.

Anyway, I think that there are too many files that dpkg just does not 
know about for this to be useful at the present time. If packages could 
register files that they create with dpkg (basically a standard interface 
for appending to $dpkg_dir/package.list) then it would be more useful.

-- 
Sam Morris
http://robots.org.uk/

PGP key id 1024D/5EA01078
3412 EA18 1277 354B 991B  C869 B219 7FDB 5EA0 1078
Reply to: