Thibaut Paumard <[EMAIL PROTECTED]> wrote: > Le jeudi 06 juillet 2006 à 07:36 +1000, Matthew Palmer a écrit : > [about suid bits] >> My personal preference would be for the maintainer to just take a stand, set >> it or not, and let people who actually know what's going on to use >> dpkg-statoverride to fix the problem to their satisfaction. (This actually >> also applies to man-db and cdrecord, as it happens, but there's a lot of >> inertia to overcome there). > > In that case, does it make sense to prompt the admin once from the > postinst script with a message such as: > "Warning: <such file> from <such package> installed with suid bit. If > this is unacceptable at your site, use dpkg-statoverride to clear this > bit." ?
I don't think so. If it is important enough to justify such a warning, the default should rather be not to set the setuid bit. On the other hand, if it isn't so important, a note in README.Debian (and the relevant manpages) is sufficient. Regards, Frank -- Frank Küster Single Molecule Spectroscopy, Protein Folding @ Inst. f. Biochemie, Univ. Zürich Debian Developer (teTeX)
