[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: dpkg-buildpackage (-rfakeroot) leaves setuid binaries



also sprach Christian Jaeger <christian.jaeger@sl.ethz.ch> [2002.01.22.0129 +0100]:
> They were accessible, because I didn't realize that there was a risk, 
> and because it's convenient when other users on the system can grab 
> the finished .deb's from the build dir (to install them on their 
> machine) without me having to move them to a public place.

yes, that's UNIX life. convenience ~ security^-1,

where operator~ here is "proportional"

-- 
martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net@madduck
  
i have the power to channel my imagination
into ever-soaring levels of suspicion and paranoia.

Attachment: pgpEqJ_l0LyGS.pgp
Description: PGP signature


Reply to: