Re: Bug#967857: debian-policy: [Files/Permissions and owners] files installed by package manager should not be writable
Ansgar <ansgar@debian.org> writes:
> 10.9 Permissions and owners currently says
>
> | Files should be owned by root:root, and made writable only by the
> | owner and universally readable (and executable, if appropriate),
> | that is mode 644 or 755.
>
> However most files shouldn't be modified as modifications will just be
> lost (e.g. everything installed by the package manager that isn't
> handled as a conffile). It also gives more permissions than the minimum
> needed.
>
> I think static files should not be writable instead, so every file under
> /usr (and /bin, /sbin, /lib*; or everything dpkg installs that is not a
> conffile) should have 444 (or 555).

I assume this is in support of systems, containers, or jails where UID 0
may not have CAP_FOWNER?

The basic argument makes sense to me, but this is the sort of change where
we'll need to figure out a transition strategy coordinated across multiple
packages, since this behavior is encoded in a lot of places. Maybe it
would make sense for Guillem to weigh in first and indicate whether this
would be a problem on the dpkg side and if he sees any concerns. Copying
debian-dpkg@lists for that.

--
Russ Allbery (rra@debian.org) <https://www.eyrie.org/~eagle/>
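
An added example, not part of either message and not dpkg or debian-policy code: a Python audit of a staged package tree that lists regular files under /usr, /bin, /sbin and /lib* which are not conffiles and still carry a write bit, with the mode the quoted proposal would give them (644 becomes 444, 755 becomes 555). The function names, the sample paths and the conffile list are assumptions constructed for illustration.

```python
import os
import stat
import tempfile

# Top-level directories the quoted proposal treats as static.
STATIC_ROOTS = ("usr", "bin", "sbin")

def is_static_path(rel):
    """True for paths under /usr, /bin, /sbin or /lib* of the staged tree."""
    top = rel.split("/", 1)[0]
    return top in STATIC_ROOTS or top.startswith("lib")

def audit_tree(root, conffiles=()):
    """Return [(relpath, current_mode, proposed_mode)] for regular files that
    still have a write bit although the proposal wants them read-only."""
    conffiles = {c.lstrip("/") for c in conffiles}
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            st = os.lstat(full)
            if not stat.S_ISREG(st.st_mode):   # skip symlinks and specials
                continue
            if rel in conffiles or not is_static_path(rel):
                continue
            mode = stat.S_IMODE(st.st_mode)
            proposed = mode & ~0o222           # strip every write bit
            if proposed != mode:
                findings.append((rel, mode, proposed))
    return sorted(findings)

def demo():
    """Build a constructed package tree in a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as root:
        layout = {  # constructed sample paths and modes
            "usr/bin/tool": 0o755,
            "usr/share/doc/tool/README": 0o644,
            "usr/lib/tool/plugin.so": 0o444,   # already read-only
            "etc/tool.conf": 0o644,            # conffile, left writable
        }
        for rel, mode in layout.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write("sample\n")
            os.chmod(path, mode)
        return audit_tree(root, conffiles=["/etc/tool.conf"])
```

Pointing `audit_tree` at an unpacked package directory gives a per-file list of what a transition would have to change.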