The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: suid programs and security

To: Steve McIntyre <stevem@chiark.greenend.org.uk>
Subject: Re: suid programs and security
From: Fabien Ninoles <ninf01@GEL.USherb.CA>
Date: Mon, 17 Feb 1997 12:53:57 -0500 (EST)
Cc: Debian Private <debian-private@lists.debian.org>
Importance: low
In-reply-to: <Pine.LNX.3.95.970217162842.22007S-100000@hammer.chu.cam.ac.uk>
Priority: non-urgent
Reply-to: fab@tzone.org
Resent-from: debian-private@lists.debian.org
Resent-message-id: <"2EI3L.0.zA2.4p92p"@master.debian.org>
Resent-reply-to: debian-private@lists.debian.org
Resent-sender: debian-private-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----

On Mon, 17 Feb 1997, Steve McIntyre wrote:

> 
> On Mon, 17 Feb 1997, Fabien Ninoles wrote:
> >
> >I had done some big administration on my system this weekend and find a 
> >lot of programs who dont register their suid bits throw suidregister 
> >(especially games). This should be a must on the distribution, as for a 
> >check option on suidregister who check not register suid programs. 
> 
> Excuse me, but when did it become a _requirement_ to use suidregister? I'm
> managing quite well without, as are many other people I'd guess.
> 

Is not required but practical... The purpose is to have a good place to 
know which programs are suid. suidregister registers each package in 
/etc/suid.conf with all the good information. It was easy to use 
(suidregister [-s my_package] filename user group permissions )  
and an admin can easily warp it so he will be warn if anything are change.

Add this to a restrictive dpkg who remove all suid off the package (why 
not make it the standard ?) and you will have, in a snap, a more secure 
system.

just my 2 pennies.

- ---------------------------------------------------------------------
 "Sex without love is an empty experience. But as empty 
  experiences go, it's one of the best."
                                        -- Woody Allen
- ---------------------------------------------------------------------
Fabien Ninoles aka le Veneur aka le Corbeau     
E-mail: fab@tzone.org
WebPage: http://www-edu.gel.usherb.ca/ninf01 
E-mail me with "get pgp key" in the subject to get my public key
PGP KEY [E3723845]: 1C C1 4F A6 EE E5 4D 99  4F 80 2D 2D 1F 85 C1 70 
- ----------------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMwibMFX6fc7jcjhFAQHYAAP9FOGACNqQH17pf7MZMEDhJaO48c4YfkKC
O1/i4gDWgLYXKZK3bvjXmbDH+Wkvse4c1iz5QX+ntddqdtDRhhNfh5VuIwpBgJIi
auSln4Fgtw/mRVs+p4fXUexYFBz8Yo2pfTpR3FvvDgt7cfMFw4laM5r9Ko1S7Wd9
vLrx9Kpom74=
=XnBL
-----END PGP SIGNATURE-----


--
Please respect the confidentiality of material on the debian-private list.
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

Follow-Ups:
- Re: suid programs and security
  - From: Steve McIntyre <stevem@chiark.greenend.org.uk>

References:
- Re: suid programs and security
  - From: Steve McIntyre <stevem@chiark.greenend.org.uk>

Prev by Date: Re: suid programs and security
Next by Date: Re: suid programs and security
Previous by thread: Re: suid programs and security
Next by thread: Re: suid programs and security
Index(es):
- Date
- Thread