Head Up: Prepare for dropping fuse group in the nearest future

Karel Zak kzak at redhat.com
Tue Feb 5 22:35:55 UTC 2008

On Tue, Feb 05, 2008 at 06:05:59PM +0100, Thorsten Leemhuis wrote:
> Actually I'm wondering if we need some guidelines or other bureaucracy
> hurdles to prevent that packagers use suid binaries without need.
> Preferred: Maybe just a script could do the trick if it checks what
> packages use suid binaries; somebody once every few weeks could run it
> and check if there are new packages with suid binaries. If there are:
> check them if it makes sense to ship them like that.

 That's why I think that our "Package Review Process" is an imperfect
 process. We have barriers for new incoming packages, but there is
 absolute freedom for old packages. IMHO there should be a simplified
 review process before every Fedora release.

 (Of course it's not about suid binaries only.)

 Ad. fuse - Miklos Szeredi is working on unprivileged mount(2) [It's
 on the way to the -mm tree.] The patch provides a possibility to
 mount few "safe" filesystems (e.g fuse) without root permissions.



 Karel Zak  <kzak at redhat.com>

More information about the fedora-devel-list mailing list