Re: Adding file permissions to /var/lib/dpkg/*.list
On Sat, 05 May 2007 18:03:18 +0200, Conrado Buhrer wrote:
> Well, some guy entered our chat channel #linux on IRCnet with having run
> a script he made to recursively set permissions on a directory tree.
> Unfortunately he broke his whole distribution. Its a common newbie
> mistake to change permissions without thinking about the consequences.
> On debian you could not write a script on your own to fix this without
> having to download every package again, or packages on a cd, etc.
If he had relaxed permissions, then in the intervening time an attacker
could have altered files and so on, in which case he's hosed anyway.
Anyway, I think that there are too many files that dpkg just does not
know about for this to be useful at the present time. If packages could
register files that they create with dpkg (basically a standard interface
for appending to $dpkg_dir/package.list) then it would be more useful.
--
Sam Morris
http://robots.org.uk/
PGP key id 1024D/5EA01078
3412 EA18 1277 354B 991B C869 B219 7FDB 5EA0 1078
Reply to: