dchroot setuid binary is intentional
Hi,
Lintian is reporting that dchroot has a setuid binary. I would like
to add an override:
dchroot: setuid-binary usr/bin/dchroot 4755 root/root
Justification follows:
1. dchroot needs to call chroot(), which will only succeed if the
effective UID is zero.
2. dchroot is careful to only allow users to chroot to paths specified
in /etc/dchroot/conf which is only writable by root.
3. dchroot has been written carefully. I've asked others to look over
the code. If there is a way to make it do something bad, I don't know
it.
Thanks for your time,
David
Reply to: