Re: Please proofread beep debconf template
Gerfried Fuchs quoted:
> _Choices: usable for all, usable for group audio, usable only for root
> _Description: Install beep as:
> beep must be run as root since it needs to access the speaker hardware.
> There are several possibilities to make the program usable: Either only
> for root (no suid bit at all), executable only by users of the group
> audio, or usable for all.
> Since each program set as suid root can be a security risk this is not done
> by default. However, the program is quite small (~150 lines of code), so it
> is fairly easy to verify the safety of the code yourself, if you don't
> trust the package maintainer's judgement.
Well, it's all grammatical and intelligible, but it could do with
rephrasing. How about something more like this...
_Choices: usable for all, usable for group audio, usable only for root
_Description: Install beep as:
Since beep needs access to the speaker hardware, normal users will not be
able to use it unless the setuid bit is set. There are three options for its
-rwsr-xr-x root:audio = setuid root for all users
-rwsr-xr-- root:audio = setuid root for members of the group "audio"
-rwxr-xr-x root:audio = non-setuid, and unusable for normal users
The third option is the default, since any program that grants elevated
privileges is a potential security risk. However, the program is quite small
(~150 lines of code), so it is fairly easy to verify the safety of the code
yourself, if you don't trust the package maintainer's judgement.
JBR with qualifications in linguistics, experience as a Debian
sysadmin, and probably no clue about this particular package