Re: sudo and changes in packaging guidelines

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 4/13/12 2:37 PM, Frank Ch. Eigler wrote:



[...]
If your package meets the following criteria you MUST enable the PIE compiler
flags:
[...]
   * Your package runs as root.
[...]


If this is meant to cover administrative binaries that have no
privilege escalation pieces of their own, merely run by root, then
what makes them different from any other /bin/* program that a root
process might invoke?
It's not meant to cover that. That phrasing is meant to cover system components like init that do not function _unless_ run as uid 0. 

- ajax

--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux