Package: debian-policy Version: 3.8.4.0 Severity: wishlist Regarding Debian Policy 10.9.
First, I suggest that Debian Policy require, or at least recommend, that packages not use dpkg-statoverride to set permissions for files with static uids and gids. In other words, if it is possible for the maintainer to set the permissions in the package binary itself, then he should. As for setting permissions for files with dynamic ids, debian policy says that dpkg-statoverride is necessary. This is not true, or at least misleading. Certainly the post install script should check to make sure that there isn't any override in place before setting file permissions, but I think it would be better to set permissions with chown and chmod than dpkg-statoverride. In summary, I have 2 similar suggestions: 1) require that permissions be set in the package binary for files with static uid and gids (this is easier anyway) 2) forbid the use of dpkg-statoverride, except for getting a list of the preferences already set by the administrator. -Brandon
signature.asc
Description: PGP signature
