Bug#299007: base-files: Insecure PATH
On Sat, Mar 19, 2005 at 06:56:37PM +1100, Brendan O'Dea wrote:
> I believe that the facility of having a group which may write to
> /usr/local is very useful and should be retained. Furthermore, I would
> assert that the current situation poses no security risks without the
> administrator choosing to add users to the staff group.
I would like to add there is at least an other group in Debian that is
equivalent to root access, namely disk, and there are others that
present a security risk (e.g. shadow). Why special casing staff ?
> Having /home writable by group staff OTOH doesn't seem particularly
> useful.
This is useful when you want to store data in the /home partition that
do not need to belong to any user.
You can do e.g.
mkdir /home/debs; mv *.deb /home/debs
And so far no one has stated how it was a security risk.
Cheers,
--
Bill. <ballombe@debian.org>
Imagine a large red swirl here.
Reply to: