The debian-private mailing list leak, part 1.


Re: The unanswered Question



On 20 Nov 1996, Daniel Quinlan wrote:

quinlan >*If* in a Debian package, it would be a violation of the Debian policy
quinlan >manual.  To be compliant, they would have to be mode 4754.

Ok. Here is the manual entry:

Section 3.3:

 Some setuid programs need to be restricted to particular sets of users,
 using file permissions. In this case they should be owned by the uid to
 which they are set-id, and by the group which should be allowed to execute
 them. They should have mode 4754; there is no point in making them
 unreadable to those users who must not be allowed to execute them.

Thus it's ok if I do just what I wanted for the netdiag package, right?

More from Section 3.3:

 Do not arrange that the system administrator can only reconfigure the
 package to correspond to their local security policy by changing the
 permissions on a binary. Ordinary files installed by dpkg (as opposed to
 conffiles and other similar objects) have their permissions reset to the
 distributed permissions when the package is reinstalled.
 Instead you should consider (for example) creating a group for people
 allowed to use the program(s) and making any setuid executables
 executable only by that group.

dosemu and debmake both violate that section. Thus I should
provide a group for both of them or do something else to avoid modifying
permissions on files in order to accomplish functionality.

Why were so many people opposed when I did these things in the past?

 --- +++ --- +++ --- +++ --- +++ --- +++ --- +++ --- +++
--- PGP Public Key  =  FB 9B 31 21 04 1E 3A 33  C7 62 2F C0 CD 81 CA B5 

--
Please respect the confidentiality of material on the debian-private list.
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com
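
The mode rule quoted from Section 3.3 in the message above, written out as a permission check. This is an added example, not part of the original message or of any Debian tool; the function names `audit_mode` and `audit_path` are hypothetical and the sample modes are constructed.

```python
import os
import stat

POLICY_MODE = 0o4754  # rwsr-xr--, the mode quoted from Section 3.3


def audit_mode(mode):
    """Return findings for a permission mode checked against the quoted rule."""
    perms = stat.S_IMODE(mode)
    findings = []
    if not perms & stat.S_ISUID:
        # The quoted rule only concerns setuid programs.
        findings.append("not setuid: rule does not apply")
        return findings
    if perms & stat.S_IXOTH:
        findings.append("world-executable: not restricted to the group")
    if not perms & stat.S_IXGRP:
        findings.append("group cannot execute: nobody but the owner can run it")
    if not perms & stat.S_IROTH:
        findings.append("unreadable to others: policy sees no point in this")
    if perms & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append("writable by group or others")
    if not findings and perms != POLICY_MODE:
        # Any other deviation, e.g. an additional setgid bit.
        findings.append("differs from 4754: %04o" % perms)
    return findings


def audit_path(path):
    """Audit a file on disk; returns (octal mode, uid, gid, findings)."""
    st = os.lstat(path)
    mode = "%04o" % stat.S_IMODE(st.st_mode)
    return (mode, st.st_uid, st.st_gid, audit_mode(st.st_mode))


if __name__ == "__main__":
    # Constructed sample modes, not taken from any real package.
    for sample in (0o4754, 0o4755, 0o4750, 0o4711, 0o0755):
        print("%04o" % sample, audit_mode(sample) or ["ok"])
```

Because dpkg resets the permissions of ordinary files on reinstall, as the quoted section says, a check like this is meaningful only against the mode the package ships, with access then controlled through group membership.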