On Mar 10, 2004, at 02:02, Giuliano Gavazzi wrote: > wasn't there a stupid process in linux that would un-setuid files
> that were not in a preset list?
The statement is slightly inaccurate, but in _Debian_ GNU/Linux (and
GNU/Hurd) there is a "statoverride" database. This is to address the
following issue:
When you upgrade a package, the new files contained in the package will
be installed with default permissions, overriding any "custom"
permissions you have set on the old version.
However, if you type in something like:
# dpkg-statoverride --update --add root root 4755 /usr/sbin/exim4
then the given ownership/permissions are applied to this particular
file, even after you replace it with a newer version.
What, exactly, is "stupid" about this solution?
Or to ask a different way, given that you think this method is
"stupid", what would you propose?
-tor
--
[ smime.p7s of type application/pkcs7-signature deleted ]
--