Bug#299007: base-files: Insecure PATH

[Brendan O'Dea <bod@debian.org>]

On Sat, Mar 19, 2005 at 09:35:42PM +1100, psz@maths.usyd.edu.au wrote:
>Thanks for pointing those out! Add group tty also? All should be
>"squashed" (and the objects owned by root:root instead).

Hey, good idea!  Why don't we ditch *all* the groups and have everything
groupt root!

That "src" group is *obviously* a security risk, it makes any user in
that group root-equiv since they can dick with /usr/src/linux...

Sheesh.  Get a grip.

The various role groups are useful, and typically *increase* security
since they provide limited access to certain files/subtrees.  Moreover
by default no user is placed into those groups.

Your argument is that exporting a writable / or /usr via NFS exposes you
to possible exploits?  Then DON'T DO THAT.

Can you give a realistic example where one would *want* such an export?
Moreover one without all_squash?

NFS exports of /usr for diskless workstations are typically read-only,
and in such cases / is either also read-only or specific to the client.

--bod