On Tue, 24 Jun 1997, Michael Meskes wrote: >It seems I misunderstood what suidmanager does. > >But I still don't see the reason for non-setuid programs listed there >by default. Does that mean 'You can make this program suid, but we >prefer it to be not-suid.'?
It means that a program has registered a binary and will respect changed permissions for that file when upgraded. If you generate an entry in /etc/suid.conf manually it usually means that the package who contains that binary does not make any provisions made to preserve permissions. On the next upgrade those permissions will be lost and you need to run suidregister to restore the permissions to the configuration in /etc/suid.conf. What it means for debmake is: I really would like those binaries to be setuid (restricted to execution only by a group) and it is necessary to use the full capabilities that debmake provides. But there was a significant disagreement about having such binaries installed by default. Fantastic rumours and imaginative stories about setuid binaries in debmake began to be spread on debian-devel and so I finally decided to not install those permissions by default. That was the initial motivation to develop suidmanager by the way.... >Michael > >-- >Dr. Michael Meskes, Projekt-Manager | topsystem Systemhaus GmbH >[EMAIL PROTECTED] | Europark A2, Adenauerstr. 20 >[EMAIL PROTECTED] | 52146 Wuerselen >Go SF49ers! Go Rhein Fire! | Tel: (+49) 2405/4670-44 >Use Debian GNU/Linux! | Fax: (+49) 2405/4670-10 > >>-----Original Message----- >>From: Christoph Lameter [SMTP:[EMAIL PROTECTED] >>Sent: Tuesday, June 24, 1997 4:51 PM >>To: Michael Meskes >>Cc: Die Adresse des Empfängers ist unbekannt. >>Subject: RE: Use of suidmanager >> >>On Tue, 24 Jun 1997, Michael Meskes wrote: >> >>>But that means we have to add all permission since all are configurable. >>>Isn't it a better idea to save the standard setting only for those >>>programs that are setuid by default? >> >>I am not sure that I understand this. >> >>/etc/suid.conf contains permission for suid candidates in order to make it >>easy to give those files suid status by simply editing the file. >> >>entries in suid.conf also will cause the preservation of those permissions >>across updates. >> >>--- +++ --- +++ --- +++ --- +++ --- +++ --- +++ --- +++ --- >> >> >>-- >>TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to >>[EMAIL PROTECTED] . >>Trouble? e-mail to [EMAIL PROTECTED] . >> > > --- +++ --- +++ --- +++ --- +++ --- +++ --- +++ --- +++ --- -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
