László Böszörményi (GCS) wrote: > Also please note that the current state can be interpreted as some > kind of security threat. Its binary installed as setuid and executable > for everyone. A more safe solution would be a separate group and only > its members would be allowed to execute linux-user-chroot .
Yup, I'm not sure how serious the threat may be, but restricting it a bit would fine for me. Note though that the Fedora package does not do that[1] and since it is done by Colin I'm not sure if we want to diverge from it. Asking Colin about the group restriction may be a good a idea. [1] http://pkgs.fedoraproject.org/cgit/linux-user-chroot.git/tree/linux-user-chroot.spec#n32 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
