Hi! On Tue, 2017-10-17 at 23:08 +0200, Samuel Thibault wrote: > Yes, this is on purpose, just like in the cups-pdf package: it has to > be run as root. Yes, I suspected as much; this seems to be pretty much the same situation as with bug #862732 [0]. I think that the same solution can also be applied here: Make the file world-readable, but only executable for root (although I seriously question cups' design choice to abuse file permissions for configuration / policy storage here, but that's another matter). > Which error/failure/warning do you actually get due to this? I think that /usr (and all other read-only parts of the OS) should really be world-readable. There are a couple of good reasons for this (unprivileged checksum verification, ability to copy parts of the host OS in user chroots, direct auditing/debugging of current program versions, unprivileged backups, etc.), but the real argument is "Why not?": Shipping files in in a FLOSS OS, but restricting read-access is security theater at best (that didn't stop Ubuntu though... [1]). Best regards Alexander Kurtz [0] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862732 [1] https://bugs.launchpad.net/ubuntu/+source/linux/+bug/759725
Attachment:
signature.asc
Description: This is a digitally signed message part