From owner-cvs-ports@FreeBSD.ORG Tue Mar 2 09:55:33 2004 Return-Path: Delivered-To: cvs-ports@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E204116A4CE; Tue, 2 Mar 2004 09:55:33 -0800 (PST) Received: from gw.celabo.org (gw.celabo.org [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9ECF243D1F; Tue, 2 Mar 2004 09:55:33 -0800 (PST) (envelope-from nectar@celabo.org) Received: from localhost (localhost [127.0.0.1]) by gw.celabo.org (Postfix) with ESMTP id 23A9554846; Tue, 2 Mar 2004 11:55:33 -0600 (CST) Received: from gw.celabo.org ([127.0.0.1]) by localhost (hellblazer.celabo.org [127.0.0.1]) (amavisd-new, port 10024) with SMTP id 88902-08; Tue, 2 Mar 2004 11:55:22 -0600 (CST) Received: from lum.celabo.org (n00.bcrtfl01.us.wh.nameservers.net [208.55.254.110]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "lum.celabo.org", Issuer "celabo.org CA" (verified OK)) by gw.celabo.org (Postfix) with ESMTP id 3D0185482B; Tue, 2 Mar 2004 11:55:22 -0600 (CST) Received: by lum.celabo.org (Postfix, from userid 501) id 37BC410CC62; Tue, 2 Mar 2004 11:55:12 -0600 (CST) Date: Tue, 2 Mar 2004 11:55:12 -0600 From: "Jacques A. Vidrine" To: Eivind Eklund Message-ID: <20040302175511.GD1377@lum.celabo.org> References: <20040302153831.GK13724@sirius.firepipe.net> <200403021553.i22Frvhr030302@green.homeunix.org> <20040302161147.GK27008@FreeBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20040302161147.GK27008@FreeBSD.org> User-Agent: Mutt/1.4.1i X-Url: http://www.celabo.org/ cc: "Brian F. Feldman" cc: Michael Nottebrock cc: Will Andrews cc: ports-committers@FreeBSD.org cc: cvs-all@FreeBSD.org cc: cvs-ports@FreeBSD.org cc: Michael Nottebrock Subject: Re: cvs commit: ports/audio/arts Makefile X-BeenThere: cvs-ports@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: CVS commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Mar 2004 17:55:34 -0000 On Tue, Mar 02, 2004 at 04:11:47PM +0000, Eivind Eklund wrote: > It is inacceptable to have our desktop systems not work properly. > Desktop users is where we recruit a large fraction of our developers. > > I think that the change in question looks safe (I've reviewed the > wrapper in question - the only two things that I'd have done differently > is move a printf to after dropping privileges, and just do a forced drop > of privileges instead of testing to see if it is necessary). I also > think that wanting to have the users give explict OK is a worthy goal - > but this HAS to be doable globally, and it HAS to be obvious to the > users. Perhaps a wrapper-wrapper would be the solution. > > Barring that, I think that we should just review the wrappers really > carefully and keep the setuid bits. arts is used by more than just KDE, and artsd isn't needed in many cases (much less a set-user-ID artswrapper). We should not be installing another set-user-ID binary that would only ever be used in attempted privilege escalation. arts has been fine with no set-user-ID; it is trivial to make set-user-IDness an option; it is trivial to make accomodate even the package user that doesn't care about possible security issues. Cheers, -- Jacques Vidrine / nectar@celabo.org / jvidrine@verio.net / nectar@freebsd.org