
Re: [PROPOSAL] (Ch.16 FHS) be more specific on file/dir permissions



   Date: Thu, 4 Jan 2001 13:40:04 +0100
   From: Johannes Poehlmann <johannes@caldera.de>

   Problem:

       LSB says nothing about File Permissions.

       o   This makes it possible to set up an LSB-conforming package
           and an LSB-conforming Linux system where the application
           cannot run on the Linux system.

       o   LSB-conforming systems should be allowed to use very restrictive
           permission schemes, not to make security and LSB a contradiction.

I'm not sure we want to go here.  Permissions generally are a system
administrator issue much more than they are a distribution issue, and
trying to word things so that we don't prohibit perfectly sane
configurations might be very difficult.  For example, there are probably
certain system users (like the one used by the imap daemon, or the one
used by the anonymous FTP daemon) who might have very restrictive
permissions schemes.  Is this allowed?  I would argue that an LSB
statement which prohibited this type of security precaution is broken,
and we shouldn't go there.

And even if we specify that "users" must be given such permissions,
maybe in some cases there will be some set of users that should be given
very restrictive permissions.

My suggestion is that we not try to address this "problem".  If a
distribution sets such a highly restrictive set of permissions, the
system administrator can always "fix" the permissions very easily, and
if someone did try to sell such a super-secure distribution as a
desktop, market forces will probably solve the problem very quickly.
(And in a server environment, as a sysadmin I'd much rather have a
system which was oversecured, and which I could open up exactly what is
needed to allow applications to run, rather than a system which was
shipped "insecure out of the box".)

					- Ted
