Re: setuid binary for beep program

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2010-03-29 at 20:59 +0200, Jan Klepek wrote:
> Hi,
> 
> I'm looking for a way how to correctly have beep program[1] with setuid
> binary (I mean, what is correct process for this from maintainer point
> of view? Or what should be done except change in spec file). I saw
> http://fedoraproject.org/wiki/Privilege_escalation_policy
> however, I have no idea what should I do that beep package will
> implement it correctly.

That policy is mostly a 'don't do privilege escalation for these things'
list. Since beep (afaik) doesn't do any of the things on that page, then
having beep be a setuid binary would not violate the policy.

There isn't really much procedure to follow here. You just have to
convince whoever owns the beep package that the binary should be setuid.
Then s/he would just make it so in the spec. However...

> Currently there is bug[2] which limits correct functionality of perl
> module[3] only to root user.
> 
> [1] https://admin.fedoraproject.org/pkgdb/acls/name/beep
> [2] https://bugzilla.redhat.com/show_bug.cgi?id=573801
> [3] https://admin.fedoraproject.org/pkgdb/acls/name/perl-Audio-Beep

It doesn't look from all that as if setting beep as setuid is
necessarily the best resolution. There must be a better way! Although
ultimately, whichever way you implement it, it comes down to whether we
want everyone to be able to play a beep on a system whenever they feel
like it.
-- 
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
http://www.happyassassin.net

-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux