cvs commit: ports/audio/arts Makefile

Jacques A. Vidrine nectar at FreeBSD.org
Tue Mar 2 09:55:34 PST 2004


On Tue, Mar 02, 2004 at 04:11:47PM +0000, Eivind Eklund wrote:
> It is unacceptable to have our desktop systems not work properly.
> Desktop users are where we recruit a large fraction of our developers.
> 
> I think that the change in question looks safe (I've reviewed the
> wrapper in question - the only two things that I'd have done differently
> is move a printf to after dropping privileges, and just do a forced drop
> of privileges instead of testing to see if it is necessary).  I also
> think that wanting to have the users give explicit OK is a worthy goal -
> but this HAS to be doable globally, and it HAS to be obvious to the
> users.  Perhaps a wrapper-wrapper would be the solution.
> 
> Barring that, I think that we should just review the wrappers really
> carefully and keep the setuid bits.

arts is used by more than just KDE, and artsd isn't needed in many cases
(much less a set-user-ID artswrapper).   We should not be installing
another set-user-ID binary that would only ever be used in attempted
privilege escalation.

arts has been fine with no set-user-ID;
it is trivial to make set-user-IDness an option;
it is trivial to make accommodate even the package user that doesn't care
about possible security issues.

Cheers,
-- 
Jacques Vidrine / nectar at celabo.org / jvidrine at verio.net / nectar at freebsd.org
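
Added example, not part of the original message and not the artswrapper source: a sketch of the two review points quoted above, an unconditional privilege drop and no output until after the drop. The names `drop_privileges` and `run_wrapper` are hypothetical, and the privileged step is a placeholder comment.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Unconditionally give up set-user-ID / set-group-ID privileges.
 * Returns 0 on success, -1 if the drop failed or could be undone. */
int drop_privileges(void)
{
    uid_t ruid = getuid(), old_euid = geteuid();
    gid_t rgid = getgid(), old_egid = getegid();

    /* No "is a drop needed?" test: always set the IDs to the real ones.
     * Group first, because after the uid drop we may no longer be
     * allowed to change the gid. */
    if (setgid(rgid) != 0)
        return -1;
    if (setuid(ruid) != 0)
        return -1;

    /* Check that the drop is permanent: regaining the old effective IDs
     * must fail. Skipped when the real uid is root, which can always
     * set any ID and had nothing to drop. */
    if (ruid != 0) {
        if (old_egid != rgid && setegid(old_egid) == 0)
            return -1;
        if (old_euid != ruid && seteuid(old_euid) == 0)
            return -1;
    }
    return (geteuid() == ruid && getegid() == rgid) ? 0 : -1;
}

/* Hypothetical wrapper flow: privileged step, drop, and only then output. */
int run_wrapper(void)
{
    /* ... the single privileged operation would go here (placeholder) ... */

    if (drop_privileges() != 0)
        return 1;               /* fail closed, no output while privileged */

    /* stdio and any user-influenced formatting run without privileges. */
    printf("running as uid %ld, gid %ld\n", (long)geteuid(), (long)getegid());
    return 0;
}

int main(void)
{
    return run_wrapper();
}
```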

