[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [PROPOSAL] (Ch.16 FHS) be more specific on file/dir permissions

Is it possible to misunderstand my proposal as 
"bossing around" Distributions ?

>        LSB says nothing about File Permissions.
>        o   This makes it possible to set up an LSB-conforming package 
> 	   and a LSB conforming Linux system where the application can 
> 	   not run on the linux system.
I fear that future LSB-compliant distributions could be bashed to dead 
if say LSB-compliant oracle can not run on them because of 
permission conflicts.

>        o   LSB-conforming systems should be allowed to use very restrictive
> 	   permission schemes, not to make security and LSB a contradiction.

If we do not spec permissions at all, we will have a de facto standard
which says: All major ISV packages have to run, so give them the permissions
they need. This will force LSB compliant distributions to grant a lot
of file/dir permissions. 

The proposal proper gives the Distro/Sysadmin the greatest possible 
freedom on the cost of ISVs: If we forbid ISVs to demand certain 
permissions the Distro/Admin has the FREEDOM to grant them or not.
> I'm not sure we want to go here.  Permissions generally are a system
> administrator issue much more than they are a distribution issue, and
> trying to word things so that we don't prohibit perfectly sane
> configurations might be very difficult.  For example, there are probably
> certain system users (like the one used by the imap daemon, or the one
> used by the anonymous FTP daemon) who might have very restrictive
> permissions schemes.  Is this allowed?  I would argue that an LSB
> statement which prohibited this type of security precaution is broken,
> and we shouldn't go there.
Ted, that is exactly the situation i want to prevent
> My suggest is that we not try to address this "problem".  If a
> distribution sets such a highly restrictve set of permissions, the
> system administrator can always "fix" the permissions very easily, and
> if someone did try to sell such a super-secure distribution as a
> desktop, market forces will probably solve the problem very quickly.
Is this good ? Do we want future bad press for Linux and the LSB like:
"Standard Linux is open to XYZ-attack" ?

     ______   ___        
    /  ___/__/  /                 Caldera (Deutschland) GmbH          
   /  /_/ _  / /__        Naegelsbachstr. 49c, 91052 Erlangen, Germany 
  /_____/_/ /____/            software developer / lsb project 
 ==== /____/ =====   Dipl. Inf. Johannes Poehlmann, mail: jhp@caldera.de
Caldera OpenLinux    phone: ++49 9131 7192 336, fax: ++49 9131 7192 399

Reply to: