Head Up: Prepare for dropping fuse group in the nearest future
Thorsten Leemhuis
fedora at leemhuis.info
Tue Feb 5 17:05:59 UTC 2008
On 05.02.2008 17:10, Peter Lemenkov wrote:
>
> Due to landing of upcoming Gnome release in Fedora 9 I decided to drop
> fuse group.
>
> The main reason is that future Gnome VFS will use fuse as a backend,
> and we wil be forced to add all users into fuse group (if we allow
> them to use Gnome VFS) what will made the existence of fuse group
> useless..
>
> Any objections?
Well, when I got fuse integrated into Fedora several well-known and
long-term Red Hat/Fedora developers said "it needs a security audit
before we drop the fuse group". Not that long ago when we discussed
https://bugzilla.redhat.com/show_bug.cgi?id=298651
http://secunia.com/advisories/26938/
I heard that once or twice again.
Did that audit happen?
Do we care?
Actually I'm wondering if we need some guidelines or other bureaucracy
hurdles to prevent that packagers use suid binaries without need.
Preferred: Maybe just a script could do the trick if it checks what
packages use suid binaries; somebody once every few weeks could run it
and check if there are new packages with suid binaries. If there are:
check them if it makes sense to ship them like that.
Cu
knurd
More information about the fedora-devel-list
mailing list