On 01/02/2018 01:15 AM, Josip Rodin wrote: > All of those changes related to HAVE_COURIER sound like something that > should be possible to figure out on runtime.
That's exactly what I thought as well and proposed, but upstream rejected as an additional security risk. > I still don't see a rationale for that. The existence of those measly few > lines about the HAVE_COURIER define, that we then have to interpret and > reverse-engineer and whatnot - simply don't constitute a valid rationale > for adding back a binary with suid root by default. Exactly my line of thought as well. > I think we need to ask Sam to document this properly, and only then proceed > with any further considerations. That's fine with me. Kind Regards Markus Wanner
