Re: debhelper: dh_fixperms should come after dh_suidregister (was: Re: setgid stuff)

To: Brian May <bam@debian.org>
Cc: debian-mentors@lists.debian.org
Subject: Re: debhelper: dh_fixperms should come after dh_suidregister (was: Re: setgid stuff)
From: Joey Hess <joeyh@debian.org>
Date: Mon, 29 Nov 1999 23:57:40 -0800
Message-id: <[🔎] 19991129235740.S3839@kitenet.net>
In-reply-to: <[🔎] 84903jct9o.fsf@snoopy.apana.org.au>; from bam@debian.org on Sun, Nov 28, 1999 at 12:13:55PM +1100
References: <[🔎] 19991124235627.A27925@polya> <[🔎] Pine.LNX.4.21.9911251257440.22777-100000@dat95pkn.campus.mdh.se> <[🔎] 19991125202530.A13229@polya> <[🔎] 84iu2opvvp.fsf@snoopy.apana.org.au> <[🔎] 19991127181503.C8474@polya> <[🔎] 19991127111756.A6512@parsley.cortland.com> <[🔎] 84iu2nd09q.fsf@snoopy.apana.org.au> <[🔎] 19991128004207.D11425@polya> <[🔎] 84903jct9o.fsf@snoopy.apana.org.au>

Brian May wrote:
> That makes more sense. dh_make in slink doesn't do this though, potato
> might be different.

Debhelper's example rules files have always done this, though I cannot speak
for dh-make.

> My observation (nothing more/less, however, probably a good idea
> in general):
> 
> This means that it is the debian maintainer's decision to have a
> SetUID program, not the upstream maintainer (as dh_fixperms overrides
> anything set by the upstream Makefile).
> 
> At least, the Debian maintainer must be aware of programs that are
> SetUID.

Yes, that's exactly the idea. I don't want a new upstream release of a
package I maintain introducing a new suid binary and me missing it and not
auditing it before putting it in debian. I'm paranoid about this and here
debhelper reflects my paranoia.

Of course, it also lets you reorder the commands any way you like, or not
even call dh_fixperms.

-- 
see shy jo

Reply to:

References:
- Re: setgid stuff
  - From: Julian Gilbey <J.D.Gilbey@qmw.ac.uk>
- Re: setgid stuff
  - From: peter karlsson <pk@mds.mdh.se>
- Re: setgid stuff
  - From: Julian Gilbey <J.D.Gilbey@qmw.ac.uk>
- Re: setgid stuff
  - From: Brian May <bam@debian.org>
- debhelper: dh_fixperms should come after dh_suidregister (was: Re: setgid stuff)
  - From: Julian Gilbey <J.D.Gilbey@qmw.ac.uk>
- Re: debhelper: dh_fixperms should come after dh_suidregister (was: Re: setgid stuff)
  - From: Adam Klein <aklein@parsley.cortland.com>
- Re: debhelper: dh_fixperms should come after dh_suidregister (was: Re: setgid stuff)
  - From: Brian May <bam@debian.org>
- Re: debhelper: dh_fixperms should come after dh_suidregister (was: Re: setgid stuff)
  - From: Julian Gilbey <J.D.Gilbey@qmw.ac.uk>
- Re: debhelper: dh_fixperms should come after dh_suidregister (was: Re: setgid stuff)
  - From: Brian May <bam@debian.org>

Prev by Date: Re: Lintian: pkg-without-shlibs-has-shlibs-control-file
Next by Date: Re: Lintian: pkg-without-shlibs-has-shlibs-control-file
Previous by thread: Re: debhelper: dh_fixperms should come after dh_suidregister (was: Re: setgid stuff)
Next by thread: Re: debhelper: dh_fixperms should come after dh_suidregister (was: Re: setgid stuff)
Index(es):
- Date
- Thread