----- Original Message -----
> I filed an FPC ticket: https://fedorahosted.org/fpc/ticket/467
>
> Thoughts?
My intuition is that if an application needs _everything_ in /usr to be
readable then it is likely broken. Something being placed in /usr does _not_
imply that it is supposed to be used by everyone. An administrator can come
and change the permissions at any time, and the packaging guideline would not
affect anything not included in Fedora-distributed RPMs. And if we look only
at the cases that would be helped by the proposed guideline, i.e. only
depending on Fedora RPM-distributed files (but not being particular about what
the purpose of kind of file this is), the application would probably be better
off just opening and reading the RPMs from repos directly instead of reusing
whatever local damage could have been done to the partition.
Perhaps there are useful subsets of files in /usr where mandating this would be
useful; but all of /usr is seems like an unnecessary overreach.
(And to the specific examples brought up: No opinion on systemd services;
making setuid binaries not world-readable has a _definite_ benefit when prelink
is set up, OTOH that is no longer a default.)
Mirek
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
