On Tue, Jan 19, 1999 at 05:16:01PM -0500, Avery Pennarun wrote: > When the docs for a setuid program warn you "not to trust its security" > then be afraid, be very afraid. It shouldn't be automatically setuid in > Debian until _some_ security-conscious person has audited it carefully.
On a related note, I recently had a relatively grave security concern with the 'xzx' package (a ZX Spectrum emulator for X) - after it faulted one time (can't remember what happened - I think it just stopped responding to closing the window and using 100% CPU), I had a number of things go wrong - I checked out the binary itself, and found it was suid root! Now, the postinst (which sets the suid bit) never warned me about this, and I can also see no reason for it to be suid root - it doesn't appear to give up root priviledges once started (and contains file dialogs). I'm not sure whether this violates policy or not (and thus whether to file a bug against it) - but Policy does not require postinsts using chmod/suidregister to give message or query, then perhaps it needs to be added... -- Robert Donn
