Head Up: Prepare for dropping fuse group in the nearest future
kzak at redhat.com
Tue Feb 5 22:35:55 UTC 2008
On Tue, Feb 05, 2008 at 06:05:59PM +0100, Thorsten Leemhuis wrote:
> Actually I'm wondering if we need some guidelines or other bureaucracy
> hurdles to prevent that packagers use suid binaries without need.
> Preferred: Maybe just a script could do the trick if it checks what
> packages use suid binaries; somebody once every few weeks could run it
> and check if there are new packages with suid binaries. If there are:
> check them if it makes sense to ship them like that.
That's why I think that our "Package Review Process" is an imperfect
process. We have barriers for new incoming packages, but there is
absolute freedom for old packages. IMHO there should be a simplified
review process before every Fedora release.
(Of course it's not about suid binaries only.)
Ad. fuse - Miklos Szeredi is working on unprivileged mount(2) [It's
on the way to the -mm tree.] The patch provides a possibility to
mount few "safe" filesystems (e.g fuse) without root permissions.
Karel Zak <kzak at redhat.com>
More information about the fedora-devel-list