Subject: setuid-root binaries and unprivileged builds
To: NetBSD Packages Technical Discussion List <firstname.lastname@example.org>
From: Johnny C. Lam <email@example.com>
Date: 06/15/2007 15:08:53
After Roland's rousing talk at pkgsrcCon/Barcelona, I'm playing with
unprivileged builds on my pkgsrc system. I've just installed my first
package that has a setuid-root binary, but of course, that doesn't get
installed correctly at the moment. I'm wondering what the correct
action should be?
I was thinking of modifying the +PERMS script to handle this situation.
The install scripts would grow another shell-settable variable
PKG_ALLOW_SETGUID which defaults to "yes". If PKG_ALLOW_SETGUID is
"yes", then just go ahead and set the mode on set[gu]id programs. If
it's "no", then set the mode to 0000 and warn the admin to set the right
user, group and mode.
Then for unprivileged builds, we default to PKG_ALLOW_SETGUID to "no".
-- Johnny Lam <firstname.lastname@example.org>