| 1 |
Quoting Ciaran McCreesh <ciaranm@×××××××.org>: |
| 2 |
|
| 3 |
> On Fri, 12 Jan 2007 16:02:01 +0900 Georgi Georgiev <chutz@×××.net> |
| 4 |
> wrote: |
| 5 |
|
| 6 |
... nothing to add here, sounds alright ... |
| 7 |
|
| 8 |
> | Still, your point makes sense. But I hope that you will agree that |
| 9 |
> | as long as FEATURES=userpriv exists it should be enforced. If it can |
| 10 |
> | be circumvented the FEATURE may as well be removed and the whole |
| 11 |
> | problem dealt with. |
| 12 |
> |
| 13 |
> No. userpriv is a nice safety feature to prevent against *accidental* |
| 14 |
> screwups, but it has absolutely no value as a security feature. There |
| 15 |
> are a small number of occasions where it really does need to be |
| 16 |
> disabled, and that option should be available for the ebuild author |
| 17 |
> without the need to worry about silly users refusing to install the |
| 18 |
> package merely because of their misunderstanding of what userpriv does. |
| 19 |
|
| 20 |
And there are probably just as many situations when the RESTRICT is |
| 21 |
abused. I can vaguely recall only one such example: either vpopmail or |
| 22 |
courier-imap refuse to compile *not* as root which is silly. |
| 23 |
|
| 24 |
Anyway, what is userpriv? Just a useless safety feature? Why have it at all? |
| 25 |
|
| 26 |
|
| 27 |
---------------------------------------------------------------- |
| 28 |
This message was sent using IMP, the Internet Messaging Program. |
| 29 |
|
| 30 |
|
| 31 |
-- |
| 32 |
gentoo-dev@g.o mailing list |
Archives