I just came across a security problem. The application signal-desktop
could not be started anymore because a file from the electron framework
did not set a setuid bit
(https://github.com/signalapp/Signal-Desktop/issues/3536).
For the sandbox feature this obviously needs root privileges.
It creeps me out when an application from an untrusted source installs
programs with root privileges without me even noticing it.
How can I protect myself against this? Is there a way to check Debian
packages for a setuid bit set, e.g. in the post-install script?
Jochen
_______________________________________________
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
