Bug#697438: linux-user-chroot Debian packaging

To: László Böszörményi "(GCS)" <gcs@debian.org>
Cc: Thomas Bechtold <thomasbechtold@jpberlin.de>, 697438@bugs.debian.org
Subject: Bug#697438: linux-user-chroot Debian packaging
From: Emanuele Aina <emanuele.aina@collabora.com>
Date: Mon, 16 Sep 2013 13:37:46 +0200
Message-id: <[🔎] 1379331466.10352.13.camel@autarpio.lan>
Reply-to: Emanuele Aina <emanuele.aina@collabora.com>, 697438@bugs.debian.org
In-reply-to: <[🔎] CAKjSHr3+9-YOkZpKxRg9WQz9cMdkexNoa_pefb+75oHLS9ctNw@mail.gmail.com>
References: <[🔎] CAKjSHr3+9-YOkZpKxRg9WQz9cMdkexNoa_pefb+75oHLS9ctNw@mail.gmail.com>

László Böszörményi (GCS) wrote:

> Also please note that the current state can be interpreted as some
> kind of security threat. Its binary installed as setuid and executable
> for everyone. A more safe solution would be a separate group and only
> its members would be allowed to execute linux-user-chroot .

Yup, I'm not sure how serious the threat may be, but restricting it a
bit would fine for me.

Note though that the Fedora package does not do that[1] and since it is
done by Colin I'm not sure if we want to diverge from it.

Asking Colin about the group restriction may be a good a idea.

[1] http://pkgs.fedoraproject.org/cgit/linux-user-chroot.git/tree/linux-user-chroot.spec#n32

Reply to:

References:
- Bug#697438: linux-user-chroot Debian packaging
  - From: László Böszörményi (GCS) <gcs@debian.org>

Prev by Date: Bug#722965: marked as done (ITP: docopt -- Creates beautiful command-line interfaces)
Next by Date: Bug#722935: RFP: libjs-twitter-bootstrap3 -- HTML, CSS and JS toolkit from Twitter
Previous by thread: Bug#697438: linux-user-chroot Debian packaging
Next by thread: Processed: update submitter address for some bugs
Index(es):
- Date
- Thread