Re: utmp group proposal

To: debian-policy@lists.debian.org
Subject: Re: utmp group proposal
From: Chris Waters <xtifr@dsp.net>
Date: 09 May 1999 12:41:22 -0700
Message-id: <87u2tmowt9.fsf@dsp.net>
In-reply-to: Joel Klecker's message of "Sun, 9 May 1999 03:23:49 -0700"
References: <19990509031919.A28538@mors.net> <v04204e12b35b124ea90a@[206.163.71.146]>

At 03:19 +0200 1999-05-09, Wichert Akkerman wrote:

> To solve this I propose we create an utmp group and put in
> policy that programs that want to modify the utmp should be setgid utmp
> instead of setuid root (unless root is needed for other purposes of
> course).

This seems like *such* an obvious solution to so many problems that I
find myself perplexed why this hasn't done before, by others.  Which
makes me wonder if there aren't some security issues involved?  I'm
not a security expert, but I'd like to feel sure that this is secure
before we institute it as policy.  So, I'd like to have the proposal
vetted by someone who *is* a security expert before we act on it.

If there are no security issues (and I'm easy to persuade on this),
then I'll change my objection to a hearty endorsement.  :-)

-- 
Chris Waters   xtifr@dsp.net | I have a truly elegant proof of the
      or    xtifr@debian.org | above, but it is too long to fit into
http://www.dsp.net/xtifr     | this .signature file.

Reply to:

Follow-Ups:
- Re: utmp group proposal
  - From: Guy Maor <maor@debian.org>

References:
- utmp group proposal
  - From: Wichert Akkerman <wichert@cs.leidenuniv.nl>
- Re: utmp group proposal
  - From: Joel Klecker <jk@espy.org>

Prev by Date: Re: [SUMMARY] packages useless without non-free servers? (Was: a giant flamewar that's gotten hot as hell itself!)
Next by Date: Re: Bug#37345: [PROPOSAL] Adopt the FHS in place of FSSTND
Previous by thread: Re: utmp group proposal
Next by thread: Re: utmp group proposal
Index(es):
- Date
- Thread