Package: debian-policy Hi,
10.9 Permissions and owners currently says | Files should be owned by root:root, and made writable only by the | owner and universally readable (and executable, if appropriate), | that is mode 644 or 755." However most files shouldn't be modified as modifications will just be lost (e.g. everything installed by the package manager that isn't handled as a conffile). It also gives more permissions than the minimum needed. I think static files should not be writable instead, so every file under /usr (and /bin, /sbin, /lib*; or everything dpkg installs that is not a conffile) should have 444 (or 555). Ansgar
