On Sat, May 10, 2003 at 03:09:59AM +0200, Jos? Luis Tall?n wrote:
> At 01:33 10/05/2003 +0100, you wrote:
> >On Sat, May 10, 2003 at 12:53:16AM +0200, Jos? Luis Tall?n wrote:
> >> *Since the program needs some SUID executables I do two things:
> >> - tell the user to run 'dpkg-reconfigure cdrecord' to enable recording
> >> for unprivileged users; warn about security implications
> >> - chown root.cdrom; chmod 4750 /usr/bin/{setScheduler,CDWverify} in the
> >> postinst, so that lintian does not give a warning.
> >
> >If the default is setuid, I think that's a bad idea. If the executable
> >needs to be setuid, then it needs to be setuid, and you should override
> >the lintian warning rather than obfuscating the package so that lintian
> >doesn't notice (although get somebody who knows more about the situation
> >to verify that the override's correct beforehand).
>
> where is "overriding lintian" documented ?
Section 2.4 of the Lintian User's Manual, in /usr/share/doc/lintian.
> >Either way, you should be telling people to use dpkg-statoverride if
> >they want to change the permissions.
> >
> >Also, 4750 is too tight; there's no reason not to make the executables
> >readable to unprivileged users, i.e. 4754. Policy 11.9 "Permissions and
> >owners" comments on this.
>
> I did read it and do that the first time.
> However, the upstream source does runtime validation of permissions -- It
> will refuse to work with anything but 4750.
I'd be inclined to patch the upstream source such that it will accept
world-readability.
Cheers,
--
Colin Watson [EMAIL PROTECTED]
