[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[debian-devel:12598] Re: (draft) [SECURITY] New version of canna released

From: ISHIKAWA Mutsumi <ishikawa@xxxxxxxxxxx>
Subject: [debian-devel:12598] Re: (draft) [SECURITY] New version of canna released
Date: Mon, 3 Jul 2000 23:00:15 +0900
Organization: ad-hoc.org
X-dispatcher: imput version 20000228(IM140)
X-ml-info: If you have a question, send a mail with the body "# help" (without quotes) to the address debian-devel-ctl@debian.or.jp; help=<mailto:debian-devel-ctl@debian.or.jp?body=help>
X-ml-name: debian-devel
X-mlserver: fml [fml 2.2]; post only (only members can post)
References: <200005100400.NAA25791@xxxxxxxxxxxxx> <200007010404.NAA02250@xxxxxxxxxxxxxxxxxx> <887lb3l4d8.wl@xxxxxxxxxxxxxxx>
Message-id: <20000703230012F.ishikawa@xxxxxxxxxxx>
X-mail-count: 12598
User-agent: Wanderlust/1.1.1 (Purple Rain) EMY/1.13.6 (Life is balance) FLIM/1.13.2 (Kasanui) APEL/10.2 Emacs/20.7 (i386-debian-linux-gnu) MULE/4.1 (AOI)

むつみです。

>>>>> In [debian-devel : No.12597] 
>>>>>	Hiroshi KISE <fuyuneko@xxxxxxxxxxxx> wrote:
>> At Sat, 1 Jul 2000 13:04:31 +0900,
>> NOKUBI Takatsugu wrote:

>> root権限で動いている(よね)というのも問題かもしれません。rootである
>> 必要がなければ、もっと弱い権限で動かしたほうがいいでしょう(wishlist
>> するかな)。
>>
>> これ、cannaserverに限りません。

 これは 検討しましたが とりあえずは 今回は見送りました。

 理由

 1) ともかく セキュリティホールを閉じた上で新しいパッケージを出すのが
    先決。

 2) potato リリース前に余計な手を入れて、動かなくしたくない。変更点は
    最小限に。

 3) セキュリティ的には cannaserver を動かす専用 UID があった方が望まし
    いはずだが、現在の policy では各 パッケージが勝手に /etc/passwd と
    かにユーザを追加したりしてはいけない。base-files パッケージの
    メンテナに依頼が必要(でもって、そのメンテナが反応遅いんだこれ
    が。。。)。どう考えても時間がかかる。

ということで、今 やるべきではないと判断しました。

-- 
いしかわ むつみ <ishikawa@xxxxxxxxxxx>

Follow-Ups:
- [debian-devel:12599] Re: (draft) [SECURITY] New version of canna released
  - From: Hiroshi KISE
- [debian-devel:12601] Re: (draft) [SECURITY] New version of canna released
  - From: Fumitoshi UKAI

References:
- [debian-devel:12572] (draft) [SECURITY] New version of canna released
  - From: NOKUBI Takatsugu
- [debian-devel:12597] Re: (draft) [SECURITY] New version of canna released
  - From: Hiroshi KISE

Prev by Date: [debian-devel:12597] Re: (draft) [SECURITY] New version of canna released
Next by Date: [debian-devel:12599] Re: (draft) [SECURITY] New version of canna released
Previous by thread: [debian-devel:12597] Re: (draft) [SECURITY] New version of canna released
Next by thread: [debian-devel:12599] Re: (draft) [SECURITY] New version of canna released
Index(es):
- Date
- Thread