On Sun, 3 Aug 2003 23:52:57 -0400, Joey Hess [EMAIL PROTECTED] said:
Manoj Srivastava wrote:
Policy can make it so that packages are not accepted into Debian
unless you hop through certain hoops. Like making sure the upload
has a signature. Or that it has an entry in the override file.
No,
* Manoj Srivastava
| Why do we need policy to tell us to do what you suggest are
| good, common sense things?
Because common sense isn't as common as it should be. Not even among
DDs. :(
--
Tollef Fog Heen,''`.
UNIX is user
On Fri, 1 Aug 2003, Michał Politowski wrote:
On Fri, 1 Aug 2003 19:19:10 +1000, Matthew Palmer wrote:
[...]
From my investigations, I thought that the intended use of dpkg-statoverride
was by the local administrator, modifying the default suid/sgid and
ownership of the file
On Sat, 2 Aug 2003, Manoj Srivastava wrote:
It is? OK, I am telling you /usr/bin/bar program in package
foo really needs to be sgid. I'll document it in bar.6. Is this the
end of discussion? Or are we going to really need to look at the code
to see if the setgidness can be worked
On Sat, 2 Aug 2003, Manoj Srivastava wrote:
Why do we need policy to tell us to do what you suggest are
good, common sense things?
Oh come on. You honestly think there is common sense in this project? Not
everyone is as smart, brilliant, and perfect as you.
If there was common sense,
On Sun, 3 Aug 2003, Manoj Srivastava wrote:
Policy can make it so that packages are not accepted into
Debian unless you hop through certain hoops. Like making sure the
upload has a signature. Or that it has an entry in the override
file. I can easily code an entry for katie and
On Sun, Aug 03, 2003 at 10:04:09PM -0500, Manoj Srivastava wrote:
I can easily code an entry for katie and friends that takes a new
package, and marks up the ones with setgid bits set -- and the ftp
maintainers do not create override entries until they see a consensus
develop, or the
On Sun, Aug 03, 2003 at 11:58:13PM -0500, Manoj Srivastava wrote:
As I have said before, I have no beef with programs being
audited. My point, from the beginning, was that the proposal seemed
to talk about consensus on the list, and seemed to state it was a bug
not to have achieved
On Mon, Aug 04, 2003 at 10:33:59AM -0500, Adam Heath wrote:
On Sat, 2 Aug 2003, Manoj Srivastava wrote:
It is? OK, I am telling you /usr/bin/bar program in package
foo really needs to be sgid. I'll document it in bar.6. Is this the
end of discussion? Or are we going to really need
On Sun, Aug 03, 2003 at 10:57:51AM +0900, Oohara Yuuma wrote:
I don't care if you mandate a prior peer view _request_ (not prior approval)
This is what was proposed, except that it was recommended rather than
mandated.
--
- mdz
On Sat, Aug 02, 2003 at 08:58:00PM -0500, Manoj Srivastava wrote:
Given the last review of a setgid program, I wonder if two
people are enough.
Surely two people would be an improvement over the current situation, where
there is no review at all. Our demonstration has shown how one
On Sat, Aug 02, 2003 at 08:58:00PM -0500, Manoj Srivastava wrote:
Given the last review of a setgid program, I wonder if two
people are enough. The mistake was simple, human, and understandable,
but the review does not in fact talk about any flaws in the current
version of angband
On Sun, Aug 03, 2003 at 03:14:23AM -0400, Matt Zimmerman wrote:
Surely two people would be an improvement over the current situation, where
there is no review at all. Our demonstration has shown how one person can
discover some common flaws with a relatively brief review.
*Exactly*. Well
Manoj Srivastava wrote:
Packaging information, not program behaviour affected by
this. Packaging details are determined by developers, and can be
easily changed.
Packaging information, not program behaviour affected by
this. Packaging details are determined by developers,
Matt Zimmerman wrote:
There are other solutions, including group membership, but it doesn't
matter, because that is not what I am talking about. The fact is, many
programs run with privileges that they do NOT require in order to function
acceptably, or even fully, and I want to promote
On Sun, 3 Aug 2003 03:14:23 -0400, Matt Zimmerman [EMAIL PROTECTED] said:
On Sat, Aug 02, 2003 at 08:58:00PM -0500, Manoj Srivastava wrote:
This bug and others existed in your package for over four years (and
still exist in stable today). We might still not know about it if
you had not
On Sat, 2 Aug 2003 22:17:16 -0400, Matt Zimmerman [EMAIL PROTECTED] said:
On Sat, Aug 02, 2003 at 08:14:15PM -0500, Manoj Srivastava wrote:
Heh. You should look at what is in the current version:
Is that what you would say to the users who have angband installed
on Woody? I do not think
On Sun, 3 Aug 2003 11:59:03 -0400, Joey Hess [EMAIL PROTECTED] said:
In certain cultures, including mine, gratuitous repetitions of one's
point is considered childish and rude and something most of us
outgrow by age 6.
I would much rather you restricted your responses to the
substance
On Sun, 3 Aug 2003 00:16:59 -0400, Matt Zimmerman [EMAIL PROTECTED] said:
On Sun, Aug 03, 2003 at 10:57:51AM +0900, Oohara Yuuma wrote:
I don't care if you mandate a prior peer view _request_ (not prior
approval)
This is what was proposed, except that it was recommended rather
than
Manoj Srivastava wrote:
Not without a transition plan in the general case. And my
point, which you have not addressed, was that most of your examples
were not ones that mandated significant changes to the source or
behavior of programs.
First, most of these allowed people
Manoj Srivastava wrote:
I haven't objected to code reviews of packages; I objected to
gathering consensus through discussion; and making admission of new
packages incumbent on such consensus.
Again, how is this different from the debian-legal mailing list?
--
see shy jo, amazed at
On Sun, 3 Aug 2003 13:24:13 -0400, Joey Hess [EMAIL PROTECTED] said:
Manoj Srivastava wrote:
Not without a transition plan in the general case. And my point,
which you have not addressed, was that most of your examples were
not ones that mandated significant changes to the source or
Manoj Srivastava wrote:
I would be enthusiastically for a list like -legal, where
people can go and ask for help to have packages audited, but not for
people rolling up policy to beat people on the head to make it so.
Perhaps your confusion stems from me using a non-normative should in
On Sun, 3 Aug 2003 18:53:34 -0400, Joey Hess [EMAIL PROTECTED] said:
Manoj Srivastava wrote:
I would be enthusiastically for a list like -legal, where people
can go and ask for help to have packages audited, but not for
people rolling up policy to beat people on the head to make it so.
Manoj Srivastava wrote:
I note that later discussion tried to paint this whole process
as getting people involved in auditing code, and not a mandatory
requirement (ie, if you do not get a consensus then your package is
buggy) that was in the original proposal.
Fundamentally you make
On Sun, 3 Aug 2003 22:30:52 -0400, Joey Hess [EMAIL PROTECTED] said:
Manoj Srivastava wrote:
I note that later discussion tried to paint this whole process as
getting people involved in auditing code, and not a mandatory
requirement (ie, if you do not get a consensus then your package is
Manoj Srivastava wrote:
Policy can make it so that packages are not accepted into
Debian unless you hop through certain hoops. Like making sure the
upload has a signature. Or that it has an entry in the override
file.
No, those have nothing to do with policy and are implemented
On Fri, 1 Aug 2003 21:12:10 -0400, Joey Hess [EMAIL PROTECTED] said:
Manoj Srivastava wrote:
This seems like a good practice kind of recommendation, not a
requirement, and as such, may be better suited to be included in
developers reference rather than policy, don't you think?
I agree
On Fri, 1 Aug 2003 23:57:04 +0200, Bernd Eckenfels [EMAIL PROTECTED] said:
On Fri, Aug 01, 2003 at 03:58:13PM -0500, Manoj Srivastava wrote:
Hmm. Are you willing then to help modify each game to allow this to
happen? Some changes are quite extensive.
Hmm.. I am sure the maintainers of the
On Fri, Aug 01, 2003 at 09:16:25PM -0400, Joey Hess wrote:
Only because Steve Kemp is doing some good work on auditing our games.
I suspect he would have just as much luck finding security holes in some
other areas.
I've mostly covered the games now, there's not too many left that I
On Fri, Aug 01, 2003 at 11:39:24PM -0500, Manoj Srivastava wrote:
You are now talking about putting things into policy that
require maintainers to change program behaviour to attain similar
functionality and features; and all the examples you quote are about
packaging details that
On Fri, Aug 01, 2003 at 10:24:46PM +0200, Bernd Eckenfels wrote:
DSA-360: no (daemon)
DSA-359: yes (uid root: hardware access)
DSA-358: no (kernel)
DSA-357: no (daemon)
DSA-356: yes (gid games)
DSA-355: no (web css)
DSA-354: yes (gid games)
DSA-353: no (daemon, temp file)
On Sat, 2 Aug 2003 13:09:09 -0400, Matt Zimmerman [EMAIL PROTECTED] said:
On Fri, Aug 01, 2003 at 11:39:24PM -0500, Manoj Srivastava wrote:
You are now talking about putting things into policy that require
maintainers to change program behaviour to attain similar
functionality and features;
On Sat, Aug 02, 2003 at 12:49:06PM -0500, Manoj Srivastava wrote:
On Sat, 2 Aug 2003 13:09:09 -0400, Matt Zimmerman [EMAIL PROTECTED] said:
No, we are talking about recommending that developers discuss with other
developers before making a change to their package which is
So, we do
On Sat, 2 Aug 2003 14:50:16 -0400, Matt Zimmerman [EMAIL PROTECTED] said:
On Sat, Aug 02, 2003 at 12:49:06PM -0500, Manoj Srivastava wrote:
On Sat, 2 Aug 2003 13:09:09 -0400, Matt Zimmerman [EMAIL PROTECTED]
said:
No, we are talking about recommending that developers discuss
with other
On Sat, Aug 02, 2003 at 02:22:27PM -0500, Manoj Srivastava wrote:
Often, I believe that the discussion will determine whether or not
it truly depends on being setid.
That would be really hard to do, unless someone gets into the
nitty gritty of the code and determines it is not.
On Sat, Aug 02, 2003 at 02:22:27PM -0500, Manoj Srivastava wrote:
On Sat, 2 Aug 2003 14:50:16 -0400, Matt Zimmerman [EMAIL PROTECTED] said:
First, no one would _need_ to discuss this because it is only a
recommendation (though a wise one).
Again, a recommendation, about issues that
On Sat, 2 Aug 2003 22:44:24 +0200, Bernd Eckenfels [EMAIL PROTECTED] said:
On Sat, Aug 02, 2003 at 02:22:27PM -0500, Manoj Srivastava wrote:
Often, I believe that the discussion will determine whether or
not it truly depends on being setid.
That would be really hard to do, unless someone
On Sat, Aug 02, 2003 at 05:09:56PM -0500, Manoj Srivastava wrote:
It is? OK, I am telling you /usr/bin/bar program in package
foo really needs to be sgid. I'll document it in bar.6. Is this the
end of discussion? Or are we going to really need to look at the code
to see if the
On Sat, 2 Aug 2003 16:55:12 -0400, Matt Zimmerman [EMAIL PROTECTED] said:
On Sat, Aug 02, 2003 at 02:22:27PM -0500, Manoj Srivastava wrote:
On Sat, 2 Aug 2003 14:50:16 -0400, Matt Zimmerman [EMAIL PROTECTED]
said:
First, no one would _need_ to discuss this because it is only a
On Sat, Aug 02, 2003 at 05:38:41PM -0500, Manoj Srivastava wrote:
On Sat, 2 Aug 2003 16:55:12 -0400, Matt Zimmerman [EMAIL PROTECTED] said:
The rules in this section are guidelines for general use. If
necessary you may deviate from the details below. However, if
you do so
On Sat, 2 Aug 2003 20:48:26 -0400, Matt Zimmerman [EMAIL PROTECTED] said:
That's nice. angband links with every library on the planet,
including X11. This should be easy.
[...about 2 minutes later...]
Even easier than I thought.
mizar:[...ity/angband/angband-291/src] tail +81 main.c |
On Fri, 1 Aug 2003 13:46:48 -0400,
Joey Hess [EMAIL PROTECTED] wrote:
--- policy.sgml.orig 2003-08-01 13:40:51.0 -0400
+++ policy.sgml 2003-08-01 13:45:24.0 -0400
@@ -7104,6 +7104,14 @@
execute them.
/p
+p
+ Since setuid and setgid
On Sat, Aug 02, 2003 at 08:14:15PM -0500, Manoj Srivastava wrote:
Heh. You should look at what is in the current version:
Is that what you would say to the users who have angband installed on Woody?
I do not think this is something to laugh about.
Superficial audits are probably
On Sat, 2 Aug 2003 20:48:26 -0400, Matt Zimmerman [EMAIL PROTECTED] said:
This, sir, is a lie.
This statement has very little meaning from you.
Then I think this discussion has reached the end of its useful
life.
I did not call you disingenuous for asking for clarification, I
* Steve Kemp
[...]
| I'm loath to ask the user if it should be setgid in the installer
| because that's just needless distraction, but perhaps some global
| 'setgidnes' setting could be stored in /etc/games?
[...]
what's wrong with a low-priority debconf question with a sane default?
--
On Fri, Aug 01, 2003 at 08:20:08AM +0200, Tollef Fog Heen wrote:
what's wrong with a low-priority debconf question with a sane default?
Absolutely nothing at all, but it's a slippery slope, and I thought
we were tending towards less interactivity in installations?
Steve
--
On Thu, 31 Jul 2003 17:30:11 +0300, Richard Braakman wrote:
On Thu, Jul 31, 2003 at 01:17:01PM +0100, Steve Kemp wrote:
http://www.steve.org.uk/cgi-bin/debian/index.cgi
If you're just scanning for binaries with s bits set, then you'll
probably miss all the ones that use whatever that
* Steve Kemp
| On Fri, Aug 01, 2003 at 08:20:08AM +0200, Tollef Fog Heen wrote:
|
| what's wrong with a low-priority debconf question with a sane default?
|
| Absolutely nothing at all, but it's a slippery slope, and I thought
| we were tending towards less interactivity in installations?
On Fri, Aug 01, 2003 at 10:08:17AM +0200, Michał Politowski wrote:
On Thu, 31 Jul 2003 17:30:11 +0300, Richard Braakman wrote:
On Thu, Jul 31, 2003 at 01:17:01PM +0100, Steve Kemp wrote:
http://www.steve.org.uk/cgi-bin/debian/index.cgi
If you're just scanning for binaries with s bits
Joey Hess [EMAIL PROTECTED] wrote:
I also think it would be a good idea for policy to require all
setuid/gid bit grants to go through this or another list for peer
review, much as pre-depends are supposed to.
How about creating a new group for each game?
--
Debian GNU/Linux 3.0 is out! (
On Fri, 1 Aug 2003 19:19:10 +1000, Matthew Palmer wrote:
[...]
From my investigations, I thought that the intended use of dpkg-statoverride
was by the local administrator, modifying the default suid/sgid and
ownership of the file as set in the package tarball.
This is also my understanding.
Herbert Xu wrote:
Joey Hess [EMAIL PROTECTED] wrote:
I also think it would be a good idea for policy to require all
setuid/gid bit grants to go through this or another list for peer
review, much as pre-depends are supposed to.
How about creating a new group for each game?
Umm... With hundreds,
On Thu, Jul 31, 2003 at 12:55:28PM -0400, Joey Hess wrote:
I also think it would be a good idea for policy to require all setuid/gid
bit grants to go through this or another list for peer review, much as
pre-depends are supposed to.
I absolutely support this idea. All set[ug]id setups should
On Thu, Jul 31, 2003 at 06:37:53PM +0100, Steve Kemp wrote:
On Thu, Jul 31, 2003 at 12:55:28PM -0400, Joey Hess wrote:
I'd like to see us move all of our setgid games (except, perhaps,
nethack) away from using global score files by default.
I think that should be a good option, but I
On Fri, Aug 01, 2003 at 08:20:08AM +0200, Tollef Fog Heen wrote:
what's wrong with a low-priority debconf question with a sane default?
As long as the sane default is the safe default, which is not to be setgid.
--
- mdz
On Fri, Aug 01, 2003 at 08:45:16PM +1000, Herbert Xu wrote:
Joey Hess [EMAIL PROTECTED] wrote:
I also think it would be a good idea for policy to require all
setuid/gid bit grants to go through this or another list for peer
review, much as pre-depends are supposed to.
How about
On Fri, Aug 01, 2003 at 11:18:53AM -0400, Matt Zimmerman wrote:
I also think it would be a good idea for policy to require all setuid/gid
bit grants to go through this or another list for peer review, much as
pre-depends are supposed to.
I absolutely support this idea. All set[ug]id
* Matt Zimmerman ([EMAIL PROTECTED]) wrote:
On Thu, Jul 31, 2003 at 12:55:28PM -0400, Joey Hess wrote:
I also think it would be a good idea for policy to require all setuid/gid
bit grants to go through this or another list for peer review, much as
pre-depends are supposed to.
I
On Fri, Aug 01, 2003 at 11:26:57AM -0400, Stephen Frost wrote:
* Matt Zimmerman ([EMAIL PROTECTED]) wrote:
I absolutely support this idea. All set[ug]id setups should be reviewed
before they go in the archive, and I volunteer to do the review (though I
hope that others will help). Does
On Fri, Aug 01, 2003 at 11:34:11AM +0200, Tollef Fog Heen wrote:
* Steve Kemp
| On Fri, Aug 01, 2003 at 08:20:08AM +0200, Tollef Fog Heen wrote:
|
| what's wrong with a low-priority debconf question with a sane default?
|
| Absolutely nothing at all, but it's a slippery slope, and I
On Thu, Jul 31, 2003 at 05:33:23PM +0100, Steve Kemp wrote:
There's probably a lot to be said for building a chroot installation
and installing each package in turn; but I don't have the time for that
at the moment.
I have some basic tools for doing this kind of thing using UML's
Matt Zimmerman wrote:
On Fri, Aug 01, 2003 at 11:26:57AM -0400, Stephen Frost wrote:
* Matt Zimmerman ([EMAIL PROTECTED]) wrote:
I absolutely support this idea. All set[ug]id setups should be reviewed
before they go in the archive, and I volunteer to do the review (though I
hope
Matt Zimmerman wrote:
Personally, I would lean more towards having a setgid helper which writes to
the game's score file. It is possible to audit such helpers completely in a
short amount of time, and I feel that it would be far better to open
ourselves up to letting users forge their own
On Fri, Aug 01, 2003 at 01:56:50PM -0400, Joey Hess wrote:
I think you can set it up so users cannot forge high scores by just
running such a helper. Make the helper sgid scorewriter, and make the
games setgid scoresetter (these names could be better). Then the helper
would refuse to write
On Fri, Aug 01, 2003 at 01:46:48PM -0400, Joey Hess wrote:
Here's a draft policy proposal. If this looks ok I'll submit it to the
policy group.
Thanks for doing this. It looks fine, with the exception of a small typo:
+ Since setuid and setgid programs are often a security rick,
On Fri, Aug 01, 2003 at 02:15:26PM -0400, Matt Zimmerman wrote:
it would be trivial to add lintian/linda warnings for this,
There's already a warning for set[ug]id in Lintian.
--
2. That which causes joy or happiness.
On Fri, Aug 01, 2003 at 08:20:40PM +0200, Josip Rodin wrote:
On Fri, Aug 01, 2003 at 02:15:26PM -0400, Matt Zimmerman wrote:
it would be trivial to add lintian/linda warnings for this,
There's already a warning for set[ug]id in Lintian.
Ah, ok. But the point was that it will miss many
* Joey Hess ([EMAIL PROTECTED]) wrote:
--- policy.sgml.orig 2003-08-01 13:40:51.0 -0400
+++ policy.sgml 2003-08-01 13:45:24.0 -0400
@@ -7104,6 +7104,14 @@
execute them.
/p
+p
+ Since setuid and setgid programs are often a security
On Fri, 1 Aug 2003, Matt Zimmerman wrote:
On Fri, Aug 01, 2003 at 08:20:40PM +0200, Josip Rodin wrote:
On Fri, Aug 01, 2003 at 02:15:26PM -0400, Matt Zimmerman wrote:
it would be trivial to add lintian/linda warnings for this,
There's already a warning for set[ug]id in Lintian.
Ah,
On Fri, 1 Aug 2003 11:22:17 -0400, Matt Zimmerman [EMAIL PROTECTED] said:
On Fri, Aug 01, 2003 at 08:20:08AM +0200, Tollef Fog Heen wrote:
what's wrong with a low-priority debconf question with a sane
default?
As long as the sane default is the safe default, which is not to be
setgid.
On Fri, 1 Aug 2003 13:46:48 -0400, Joey Hess [EMAIL PROTECTED] said:
Here's a draft policy proposal. If this looks ok I'll submit it to
the policy group.
Proposal: [DRAFT] require peer review for setuid and setgid program
introduction
Setuid and setgid programs are one of the main causes
On Fri, Aug 01, 2003 at 02:15:50PM -0500, Manoj Srivastava wrote:
Only if the game still works -- some games keep not just score
files, but saved games in the common area, and would not work as
expected if they could not write to that area.
nethack is the only game which comes to mind
On Fri, 1 Aug 2003 16:01:03 -0400
Matt Zimmerman [EMAIL PROTECTED] wrote:
On Fri, Aug 01, 2003 at 02:15:50PM -0500, Manoj Srivastava wrote:
Only if the game still works -- some games keep not just score
files, but saved games in the common area, and would not work as
expected if
On Fri, Aug 01, 2003 at 01:46:48PM -0400, Joey Hess wrote:
Setuid and setgid programs are one of the main causes of security
holes and DSA's in Debian.
Hmm
DSA-360: no (daemon)
DSA-359: yes (uid root: hardware access)
DSA-358: no (kernel)
DSA-357: no (daemon)
DSA-356: yes (gid
On Fri, Aug 01, 2003 at 01:56:50PM -0400, Joey Hess wrote:
I think you can set it up so users cannot forge high scores by just
running such a helper. Make the helper sgid scorewriter, and make the
games setgid scoresetter
Umm... you invent a scorewriter for removing the sgid games bit? And
On Fri, Aug 01, 2003 at 04:13:30PM -0400, Jim Penny wrote:
On Fri, 1 Aug 2003 16:01:03 -0400 Matt Zimmerman [EMAIL PROTECTED] wrote:
nethack is the only game which comes to mind which does this, and I
think it should probably be changed to keep the saved game in the user's
home directory.
On Fri, 1 Aug 2003 22:31:16 +0200, Bernd Eckenfels [EMAIL PROTECTED] said:
BUT: I really do think each game MUST offer the non-sgid option. We
could have a global question here:
Hmm. Are you willing then to help modify each game to allow
this to happen? Some changes are quite
On Fri, 1 Aug 2003 16:01:03 -0400, Matt Zimmerman [EMAIL PROTECTED] said:
On Fri, Aug 01, 2003 at 02:15:50PM -0500, Manoj Srivastava wrote:
Only if the game still works -- some games keep not just score
files, but saved games in the common area, and would not work as
expected if they could
On Fri, Aug 01, 2003 at 03:58:13PM -0500, Manoj Srivastava wrote:
Hmm. Are you willing then to help modify each game to allow
this to happen? Some changes are quite extensive.
Hmm.. I am sure the maintainers of the affected packages will ask for help.
Greetings
Bernd
--
(OO) --
I demand that Stephen Frost may or may not have written...
[snip]
and a consensus reached which approves of the application and it's
needs. ?
Almost: s/'// :-)
--
| Darren Salt | linux (or ds) at | nr. Ashington,
| woody, sarge, | youmustbejoking | Northumberland
| RISC OS | demon
Matt Zimmerman [EMAIL PROTECTED] wrote:
nethack is the only game which comes to mind which does this, and I think it
should probably be changed to keep the saved game in the user's home
directory. This was clearly done in order to try to prevent cheating, but
again, these days the player
Herbert Xu [EMAIL PROTECTED] writes:
Matt Zimmerman [EMAIL PROTECTED] wrote:
nethack is the only game which comes to mind which does this, and I think it
should probably be changed to keep the saved game in the user's home
directory. This was clearly done in order to try to prevent
Manoj Srivastava wrote:
This seems like a good practice kind of recommendation, not a
requirement, and as such, may be better suited to be included
in developers reference rather than policy, don't you think?
I agree that policy can't force developers to do that, but policy is
already
Bernd Eckenfels wrote:
Looking at this statistic, it is clearly visible that most of the exploits
are game related,
Only because Steve Kemp is doing some good work on auditing our games.
I suspect he would have just as much luck finding security holes in some
other areas.
Yes, but I think the
Bernd Eckenfels wrote:
Umm... you invent a scorewriter for removing the sgid games bit? And then
you add a sgid scoresetter? I don't think this makes much sense.
You need to learn some more about security then. Small, simple and well
defined programs are often more secure than large monoliths
I demand that Herbert Xu may or may not have written...
Matt Zimmerman [EMAIL PROTECTED] wrote:
nethack is the only game which comes to mind which does this, and I think
it should probably be changed to keep the saved game in the user's home
directory. This was clearly done in order to try
On Sat, Aug 02, 2003 at 09:38:46AM +1000, Herbert Xu wrote:
Matt Zimmerman [EMAIL PROTECTED] wrote:
nethack is the only game which comes to mind which does this, and I think it
should probably be changed to keep the saved game in the user's home
directory. This was clearly done in order
On Fri, Aug 01, 2003 at 09:19:46PM -0400, Joey Hess wrote:
Bernd Eckenfels wrote:
Umm... you invent a scorewriter for removing the sgid games bit? And then
you add a sgid scoresetter? I don't think this makes much sense.
You need to learn some more about security then. Small, simple and well
A long time ago[1] I asked if there was a list of all the setuid/setgid
binaries contained in the previous Debian stable release.
As there still isn't such a list I've created one and placed it online
with a simple search form.
(This is the list that my recent spate of bug reporting
On Thu, Jul 31, 2003 at 01:17:01PM +0100, Steve Kemp wrote:
http://www.steve.org.uk/cgi-bin/debian/index.cgi
If you're just scanning for binaries with s bits set, then you'll
probably miss all the ones that use whatever that tool was
(suidmanager?) that was used by some packages before we
On Thu, Jul 31, 2003 at 05:30:11PM +0300, Richard Braakman wrote:
If you're just scanning for binaries with s bits set, then you'll
probably miss all the ones that use whatever that tool was
(suidmanager?) that was used by some packages before we had
dpkg-statoverride.
Yes I know that I'm
Steve Kemp wrote:
A long time ago[1] I asked if there was a list of all the setuid/setgid
binaries contained in the previous Debian stable release.
As there still isn't such a list I've created one and placed it online
with a simple search form.
(This is the list that my recent
On Thu, Jul 31, 2003 at 12:55:28PM -0400, Joey Hess wrote:
I'd like to see us move all of our setgid games (except, perhaps,
nethack) away from using global score files by default.
I think that should be a good option, but I can see several
games that might suffer by it.
I'm loath to
On Thu, Jul 31, 2003 at 06:37:53PM +0100, Steve Kemp wrote:
On Thu, Jul 31, 2003 at 12:55:28PM -0400, Joey Hess wrote:
I also think it would be a good idea for policy to require all
setuid/gid bit grants to go through this or another list for peer
review, much as pre-depends are supposed
Steve Kemp wrote:
On Thu, Jul 31, 2003 at 12:55:28PM -0400, Joey Hess wrote:
I'd like to see us move all of our setgid games (except, perhaps,
nethack) away from using global score files by default.
I think that should be a good option, but I can see several
games that might suffer
On Mon, Nov 25, 2002 at 11:39:04PM +, Steve Kemp wrote:
I was wondering if there was a definitive list of all the setuid/setgid
binaries which may be installed from the Debian archives.
(Such a list would be very useful in prioritizing any examination of
source code).
I've
Hi,
I was wondering if there was a definitive list of all the setuid/setgid
binaries which may be installed from the Debian archives.
(Such a list would be very useful in prioritizing any examination of
source code).
I've partially worked my way through the list of packages which are
On Mon, Nov 25, 2002 at 11:39:04PM +, Steve Kemp wrote:
I was wondering if there was a definitive list of all the setuid/setgid
binaries which may be installed from the Debian archives.
(Such a list would be very useful in prioritizing any examination of
source code).
I've