Re: Bug#380914: help with python transition in pyracerz game
On Wed, Sep 06, 2006 at 06:49:42PM -0300, Jose Carlos Medeiros wrote: > I updated package,, but before upload it , I would like to solve this > file permissions problem. > Well, DSFG says that we cannot put a chmod 77 in a /var/games/* file then > to solve I setted suid to group games and put /var/games/..file.conf > in games group. > With binary packages I havent problems,, but as pyRacerz is > interpreted using python, set suid to pyracerz script do not work :( > I couldnt this in just 2 solutions. > 1 - chmod 777 /var/games/pyracerz/pyracerz.conf > or > 2 - set suid to python executable. > I dont need to say that second option is out of question :) The first even moreso; it allows users to bypass system quotas and, in theory, can lead to exploitable security holes when pyracerz reads the file. (I can't find any such security holes in the pyracerz code *presently*, FWIW, but that does NOT make it ok to create a world-writable file!) > This file must be in /var/games, because all users in same pc can see > history and etc.And if I put this file in home user, just this > user will read this file. Then you need to figure out how to make an sgid games pyracerz binary. The first solution that suggests itself to me is a small sgid wrapper written in C that does nothing except change gid and execute the python program. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. [EMAIL PROTECTED] http://www.debian.org/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Who is supposed to remove the .pyc files? (see #386211)
Hello, I received bug report #386211: Package: plucker Version: 1.8-16+b1 Severity: normal Upon update to this version the byte-compiled files in /usr/lib/python2.3/site-packages/PyPlucker/ were left behind. 1.8-16+b1 is generated for Python 2.4 so the installed files are now in /usr/lib/python2.4/site-packages/PyPlucker/ and /usr/lib/python2.3/site-packages/PyPlucker/ should be empty (and deleted). My problem is that the package does not provide the .pyc files. These files are generated when executing the Python script as _root_. Executing the Python scripts as a normal user does not create the .pyc (permission denied, of course). How am I supposed to manage this? Thanks, PS: I am not on the mailing list. Reply-to: set correctly. -- Dr. Ludovic Rousseau[EMAIL PROTECTED] -- Normaliser Unix c'est comme pasteuriser le camembert, L.R. -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Who is supposed to remove the .pyc files? (see #386211)
# sorry pal, but such a bug renders the package completely unusable, and # is also a policy violation. severity 386211 grave thanks Le jeu 7 septembre 2006 14:20, Ludovic Rousseau a écrit : > Hello, > > I received bug report #386211: > Package: plucker > Version: 1.8-16+b1 > Severity: normal > > Upon update to this version the byte-compiled files in >/usr/lib/python2.3/site-packages/PyPlucker/ > were left behind. > > 1.8-16+b1 is generated for Python 2.4 so the installed files are now > in /usr/lib/python2.4/site-packages/PyPlucker/ and > /usr/lib/python2.3/site-packages/PyPlucker/ should be empty (and > deleted). > > My problem is that the package does not provide the .pyc files. These > files are generated when executing the Python script as _root_. > Executing the Python scripts as a normal user does not create the > .pyc (permission denied, of course). > > How am I supposed to manage this? you were supposed to remove them in the postrm of you package, as per policy (the old one). so now, you are just "fucked", you have to : 1. rm -rf /usr/lib/python2.3/site-packages/PyPlucker/ in the preinst of your package. 2. and then make it comply with the new policy, using dh_pysupport or dh_pycentral that will take care of the byte-compilation of your package, and the transitions also. wich seems to be already done. -- ·O· Pierre Habouzit ··O[EMAIL PROTECTED] OOOhttp://www.madism.org pgpJjMdyn6NmY.pgp Description: PGP signature
