On 12/16/05, Bastian Blank <[EMAIL PROTECTED]> wrote: > On Wed, Dec 14, 2005 at 01:54:45PM +0000, Ian Jackson wrote: > > Are you saying that the current default permissions on (eg) /dev/hda* > > are insecure and therefore wrong ? > > Yes, I overwrite them on my machines.
And what is your reason for being unwilling to use the same procedure on devmapper disks? Do you believe that debian should deliver a patchwork collection of administrative decisions, such that every time a new package is installed a new set of administrative policies must be learned and new procedures must be adopted by the users? Personally, I'm using a system where the only way to obtain root access is to log in as root -- there's no privileges gained through suid binaries. Perhaps you'd like to use some significant packages configured this way since it fixes something I consider to be a security problem? Note also that your inconsistency is an inconsistency. You've not fixed the "problem" in all packages, only one package. You've not proposed anything to the community in general which addresses this issue. Instead, you've created problems for people without really improving the security of debian systems in general. This is a good idea? Why? What good thing have you accomplished? Thanks, -- Raul
