On Tue, Feb 05, 2008 at 06:05:59PM +0100, Thorsten Leemhuis wrote: > Actually I'm wondering if we need some guidelines or other bureaucracy > hurdles to prevent that packagers use suid binaries without need. > Preferred: Maybe just a script could do the trick if it checks what > packages use suid binaries; somebody once every few weeks could run it > and check if there are new packages with suid binaries. If there are: > check them if it makes sense to ship them like that. That's why I think that our "Package Review Process" is an imperfect process. We have barriers for new incoming packages, but there is absolute freedom for old packages. IMHO there should be a simplified review process before every Fedora release. (Of course it's not about suid binaries only.) Ad. fuse - Miklos Szeredi is working on unprivileged mount(2) [It's on the way to the -mm tree.] The patch provides a possibility to mount few "safe" filesystems (e.g fuse) without root permissions. http://lwn.net/Articles/265220/ Karel -- Karel Zak <kzak@xxxxxxxxxx> -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
