| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA1 |
| 3 |
|
| 4 |
On 12/31/2012 01:44 AM, Walter Dnes wrote: |
| 5 |
> Moving USE flags from local to global status is frequently discussed |
| 6 |
> here, so this seems to be the right forum to raise the issue... |
| 7 |
> |
| 8 |
> [d531][waltdnes][~] grep suid /usr/portage/profiles/use.desc |
| 9 |
> suid - Enable setuid root program, with potential security risks |
| 10 |
> |
| 11 |
> [d531][waltdnes][~] grep :suid /usr/portage/profiles/use.local.desc |
| 12 |
> net-analyzer/nagios-plugins:suid - Give root privileges to the ICMP, DHCP and IDE S.M.A.R.T. check binaries. This allows them to ignore the access controls that would disallow the nagios user from running the check. |
| 13 |
> net-wireless/kismet:suid - Install a setuid root helper binary with limited functionality; this allows running kismet as a normal user, significantly reducing security risks |
| 14 |
> |
| 15 |
Just because it's a global use flag doesn't mean you cannot redefine it |
| 16 |
locally to more specifically define the use case in a particular |
| 17 |
package. That's clearly what is done for kismet here, I have no desire |
| 18 |
to undefine it and make what happens less clear. |
| 19 |
|
| 20 |
- -Zero |
| 21 |
|
| 22 |
> BTW, I would've appreciated a headsup (news item) on Xorg getting the |
| 23 |
> "suid" USE flag. I use startx, and I couldn't start X <G>. Fortunately, |
| 24 |
> that was on my netbook, and I was able to Google the solution on my |
| 25 |
> desktop machine... http://en.spontex.org/forum/thread/561/1/ I'm |
| 26 |
> posting a heads up on the user list. |
| 27 |
> |
| 28 |
|
| 29 |
-----BEGIN PGP SIGNATURE----- |
| 30 |
Version: GnuPG v2.0.19 (GNU/Linux) |
| 31 |
Comment: Using GnuPG with undefined - http://www.enigmail.net/ |
| 32 |
|
| 33 |
iQIcBAEBAgAGBQJQ4dAuAAoJEKXdFCfdEflKJW0P/0uP17fkn9h+3n+OZTi4B74G |
| 34 |
wjQmGYZ1+uAKZwluUY/4BUR6l03f+ayqQATzxTQyuNjaf0LwHTVvWHCuC0HlrJM2 |
| 35 |
77dWCHE7d9SYDM1uUIyxJHFUtD1OOyrUcsC9+biHk2asVnhMhegR8wvS/iqyHxao |
| 36 |
TiWUjXGQk12jMrMg6cIs1UPprAutLFuDX+JQFoIPew18bFw6fUQVsIcxn3OwjPzQ |
| 37 |
roxDJ+sLmqrs5hZcZ2BhD13o40uZFe75UtshnGBhMseZ/HRCiCy9ABZiPpcQTy8f |
| 38 |
9APXR2APt00CT3rjo2I6iGfqHS09ZfNET9VfcoQZ0GlVuzWk9CxMwKC2tLJazmnz |
| 39 |
uY3dx/A86ej664mq2WyzTAqUZqcK3nnaENoH/YiNqjI49q3+m98twzD4rusUJG+n |
| 40 |
EjGCItcj6uRckV2KBE3dOpuooK8kUNLjAQ1+I4AtX8tZprCwkdgH48UINy19uBB0 |
| 41 |
hwdyeYFBXVPcuk9bMgB0yxnR62JkS/3Txcn1AyxktbsBsEIGmmJrPAuZMv2LIaDp |
| 42 |
U1vp/PC+49GbU4U3IIWXfuvdueQaZsiWhDDUUjRpeQ8dm+IxWfQcyBFHtW+DO17t |
| 43 |
nNsMNnpmE4721+sQJDa/l/rbca8UNK39pcmVcGjJ/KzkOr3F8Yj6eV7OWows2jNd |
| 44 |
3/OkrdiT/rUUsJy8ZQRs |
| 45 |
=E8id |
| 46 |
-----END PGP SIGNATURE----- |
Archives