On Tue, Jan 19, 1999 at 04:43:37PM -0500, Ben Collins wrote: > On Tue, Jan 19, 1999 at 02:29:44PM -0700, Anthony Fok wrote: > > As the Slink deep freeze and release are impending, I would like to ask > > your advice: Should I follow the suggestion given by the bug reporter > > Thomas Roessler? If so, should I fix this bug before Slink is out? I > > am kind of busy with school now and would like to put it off till the > > holiday, but if all of you experienced developers feel that it is > > urgent, I will try to fix it before Slink is released. > > I would suggest making it sgid to group floppy, them make it mode 2754. > There doesn't seem to be a need to have it suid root since /dev/fd? is > writable by group floppy.
I don't think you can mount filesystems unless you're root. > 1) Only people in group floppy will be able to execute it, That's a useful feature, though. You could make it owned by root.floppy, mode 1754. (There is no real need to make it setgid floppy in any case.) When the docs for a setuid program warn you "not to trust its security" then be afraid, be very afraid. It shouldn't be automatically setuid in Debian until _some_ security-conscious person has audited it carefully. Have fun, Avery