[Fedora-packaging] Re: Possible UsersAndGroupsDraft

Axel Thimm Axel.Thimm at ATrpms.net
Thu Jun 14 17:35:27 UTC 2007

On Thu, Jun 14, 2007 at 08:40:16AM -0500, Tom spot Callaway wrote:
> On Thu, 2007-06-14 at 10:19 +0200, Axel Thimm wrote:
> > On Wed, Jun 13, 2007 at 11:45:27PM -0500, Tom spot Callaway wrote:
> > > I'm not quite sure I'm ready to bring this to the FPC for a vote, but
> > > I've been working on a modified version of Ville's draft:
> > > 
> > > http://fedoraproject.org/wiki/TomCallaway/UsersAndGroupsDraft
> > > 
> > > While this is more complicated, I think it more adequately covers the
> > > corner cases of adding users and groups. Thoughts?
> > 
> > It is far too complicated, Ville's version did the job already quite
> > well. You're also introducing non-standard tools again. :/
> Not really. The tools I introduced are helper scripts.
> Ville's draft only created the user/group if it didn't exist, and if
> not, didn't, but left the files owned as that user/group. That security
> issue concerns me.

Looking at it again I think it doesn't improve if you elevate the
ownership to root. Imaging the package in question being ftp, http,
mldonkey or whatever daemon has been made non-root so a remote
attacker cannot elevate his priviledges. By making these root the
daemons have too much priviledges.

So please no silent failure and "recovery", if there is a broken
user/group better bail out of the transation. It really will be rare
corner case unless we get a daemon called Jacob or Emily (current top
baby names in the US ;=)
Axel.Thimm at ATrpms.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-packaging/attachments/20070614/29ec8f52/attachment.sig>

More information about the Fedora-packaging mailing list