Hi, Jochen.

On Mon, 30 Sep 2019 19:29:34 +0200 "J. Fahrner via Dng" <dng@lists.dyne.org> wrote:
> I just came across a security problem. The application signal-desktop
> could not be started anymore because a file from the electron framework
> did not set a setuid bit
> (https://github.com/signalapp/Signal-Desktop/issues/3536).
> For the sandbox feature this obviously needs root privileges.
> It creeps me out when an application from an untrusted source installs
> programs with root privileges without me even noticing it.
> How can I protect myself against this? Is there a way to check Debian
> packages for a setuid bit set, e.g. in the post-install script?

See the manpage for dpkg-statoverride(1)
and the file /var/lib/dpkg/statoverride

Cheers.

-- 
Gonzalo Pérez de Olaguer Córdoba s...@gpoc.es
-=- looking for a job since 1988 -=- www.gpoc.es
PGP: 3F87 CCE7 8B35 8C06 E637 2D57 5723 9984 718C A614
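
One way to run the pre-install check asked about in this thread, as an added example that is not part of the original messages: it lists setuid/setgid entries in a package's file listing and flags maintainer-script lines that would set those bits after unpacking. The function names (`setid_entries`, `setid_chmod_lines`, `audit_deb`) and the sample listing are hypothetical and constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): audit a .deb before installing it.
# Function names and the sample listing below are hypothetical/constructed.

# stdin: `dpkg-deb -c` listing (tar -tv style). Prints mode, owner and path of
# entries with s/S in the owner- or group-execute slot (setuid / setgid).
setid_entries() {
    awk '{
        if (substr($1, 4, 1) ~ /[sS]/ || substr($1, 7, 1) ~ /[sS]/) {
            name = $6
            for (i = 7; i <= NF; i++) name = name " " $i
            print $1, $2, name
        }
    }'
}

# stdin: a maintainer script. Prints numbered lines that chmod with a
# setuid/setgid mode (octal 2xxx-7xxx or symbolic +s) or that register a
# dpkg-statoverride; the files they touch need not be setuid in the archive.
setid_chmod_lines() {
    grep -nE \
        -e 'chmod[[:space:]]+(-[A-Za-z]+[[:space:]]+)*(0*[2-7][0-7]{3}([^0-7]|$)|[ugoa]*[+=][rwxXt]*s)' \
        -e 'dpkg-statoverride[[:space:]].*--add' || true
}

# Run both checks against a package file without unpacking it onto the system.
audit_deb() {
    tmp=$(mktemp -d) || return 1
    dpkg-deb -c "$1" | setid_entries
    dpkg-deb -e "$1" "$tmp"
    for s in preinst postinst; do
        if [ -f "$tmp/$s" ]; then
            setid_chmod_lines < "$tmp/$s" | sed "s/^/$s:/"
        fi
    done
    rm -rf "$tmp"
}

if [ -f "${1:-}" ]; then
    audit_deb "$1"
else
    # Constructed sample listing so the script shows output without a package.
    printf '%s\n' \
        '-rwsr-xr-x root/root 123456 2019-09-30 19:29 ./opt/example-app/sandbox-helper' \
        '-rwxr-xr-x root/root   2048 2019-09-30 19:29 ./usr/bin/example' | setid_entries
fi
```

On an installed system, `dpkg-statoverride --list` prints the overrides recorded in the statoverride file mentioned in the reply.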