On Sat, Aug 02, 2003 at 12:49:06PM -0500, Manoj Srivastava wrote: > On Sat, 2 Aug 2003 13:09:09 -0400, Matt Zimmerman <[EMAIL PROTECTED]> said: > > No, we are talking about recommending that developers discuss with other > > developers before making a change to their package which is > > So, we do not need to discuss this if there is no change being made, > ie, packages which are already setgid games? Or if the package being > newly inducted depends on being sgid?
First, no one would _need_ to discuss this because it is only a recommendation (though a wise one). Second, your comment about the package depending on being setid is irrelevant. Obviously, no program which does NOT depend on being setid should be made setid, but it should be discussed in any case. Often, I believe that the discussion will determine whether or not it truly depends on being setid. > > likely to affect the security of every system where the package is > > installed. File permissions and program privileges are clearly a > > packaging matter. What is the nature of your objection? > > You are being disengenuous. If a program needs to write files > shared by other users when it is run (save files, high score files, > macro definitions), and uses a group writable directory (after taking > precautions internally that the files being written ought to be > written to, etc), just changing the file permissions without changing > the program shall render the program unusable. I do not understand why you are presenting such hostile opposition to a well-intentioned proposal for recommending discussion. A dictionary both would tell you the correct spelling of the word "disingenuous", and demonstrate that it does not accurately describe my words which you quoted above. You, on the other hand, seem to be misrepresenting or misunderstanding me. Let me clarify very explicitly: I AM PROPOSING THAT: - The policy manual include a recommendation for discussion on debian-devel before a new setuid or setgid program is added to the Debian archive, whether included for the first time or by change of permission on an existing program YOU APPEAR TO BE IMPLYING THAT I AM PROPOSING THAT: - Programs be rendered unusable by changing file permissions - Directories be made world-writable Absolutely none of the statements listed under the heading "YOU APPEAR TO BE IMPLYING THAT I AM PROPOSING THAT" are true. The statement listed under the heading "I AM PROPOSING THAT" is true. I hope this helps to avoid any further confusion. > Making the dir world writable is not a solution, and indeed, > is worse for security. What are you talking about? The proposal was to recommend discussion; there was no proposal of world writable directories of any kind. -- - mdz
