--- Robert Collins <[EMAIL PROTECTED]> wrote: > On Sat, 2002-10-12 at 04:06, Paul Baker wrote: > > > > On Friday, October 11, 2002, at 10:27 AM, Claes Wallin wrote: > > > > > Of course we need to take security seriously, but I'm not > convinced > > > that demanding unnecessary privileges or faking them does that. > These > > > files don't need to be owned by root or seem to be owned by root > during > > > the packaging process - we should be able to just tell tar to > override > > > the fs metadata. I realize that the current system works, but I > reserve > > > the right to call it a silly hack. > > > > And tar does not let you override the fs metadata unless it thinks > you > > are root. Making a custom version of tar that allowed anyone to do > it > > would be a silly hack. Fakeroot is not a silly hack. Read the man > page. > > I agree that allowing anyone to override such metadata would be a > 'silly > hack'. It's also a trivial one. The point is that checking for > uid=500 > on cygwin *IS STILL BROKEN*.
I am logging in as a normal user with local admin privs. I think even if you log in as a normal user, 500 is the standard. > Any NT shop that logs folk in as > administrator is very far away from best practice. Sure, but that is not what I am doing. > Using Run As > 'Administrator' is acceptable, but still not good. Using 'Run As' > with > another administrative account, one per admin, is best practice. That is only supported under Win2k. > And > that will NEVER have uid 500. Are you sure? I will have to run some tests... > If you need to have a tar with root > owned > files, thats one thing. Any user in the Administrative users group > can > create root owned files, and that is what 'root user checks' should > be > checking for in this case. I almost aggree. But also I should be able as a non-admin be able to create an archive. Lets say you have a guest account to do you compilations every night, but you dont want it to be admin. The issue is that only the admin should be able to install system wide packages. The issue with the UIDS is really not very important under windows nt, is it? Only the permissions of the files. But as soon as you take the file out of the context of a ntfs filesystem, you lose the acls anyway. If you tar up a directory under windows, I dont think the uids make much differences. Once you put your .deb packages on a CDrom filesystem for distibution, what permissions are left? mike ===== James Michael DuPont http://introspector.sourceforge.net/ __________________________________________________ Do you Yahoo!? Faith Hill - Exclusive Performances, Videos & More http://faith.yahoo.com
