Subject: Re: setuid-root binaries and unprivileged builds
To: None <tech-pkg@NetBSD.org>
From: Amitai Schlair <schmonz@pkgsrc.org>
List: tech-pkg
Date: 06/15/2007 18:11:30
Johnny C. Lam wrote:

> I was thinking of modifying the +PERMS script to handle this situation. 
>  The install scripts would grow another shell-settable variable 
> PKG_ALLOW_SETGUID which defaults to "yes".  If PKG_ALLOW_SETGUID is 
> "yes", then just go ahead and set the mode on set[gu]id programs.  If 
> it's "no", then set the mode to 0000 and warn the admin to set the right 
> user, group and mode.
> 
> Then for unprivileged builds, we default to PKG_ALLOW_SETGUID to "no".

I might quibble over the variable name (PKG_ALLOW_SETID, perhaps?), but 
this sounds like the right abstraction and a safe default value. It'd be 
nice to have that level of control for privileged builds, too.
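A sketch of the +PERMS behaviour Johnny describes, as an added example: this is not pkgsrc's actual +PERMS script and was not posted by either participant. It assumes the proposed variable name PKG_ALLOW_SETGUID with its "yes" default, that modes arrive as numeric octal strings (as in a PLIST), and a made-up calling convention (FILE OWNER GROUP MODE, return code 2 when the set[gu]id mode is withheld):

```sh
#!/bin/sh
# Hypothetical sketch of the +PERMS policy from the thread (added example,
# not pkgsrc's +PERMS). Assumed variable name and default from the proposal:
: "${PKG_ALLOW_SETGUID:=yes}"

# is_setid MODE -> true when the octal MODE carries the setuid or setgid bit.
# Assumes a numeric octal mode such as 4755, 02755 or 755 (symbolic modes
# like u+s are not handled here).
is_setid() {
    [ $(( 0$1 & 06000 )) -ne 0 ]
}

# install_perms FILE OWNER GROUP MODE
# With PKG_ALLOW_SETGUID=yes the requested owner, group and mode are applied.
# With any other value, a set[gu]id MODE is refused: the file is left at
# mode 0000, the admin is told what to run by hand, and 2 is returned
# (assumed convention) so the caller can count withheld files. Non-set[gu]id
# modes are always applied.
install_perms() {
    _file=$1 _owner=$2 _group=$3 _mode=$4
    if is_setid "$_mode" && [ "$PKG_ALLOW_SETGUID" != yes ]; then
        chmod 0000 "$_file"
        printf 'WARNING: %s installed mode 0000, not %s (PKG_ALLOW_SETGUID=%s).\n' \
            "$_file" "$_mode" "$PKG_ALLOW_SETGUID" >&2
        printf 'WARNING: as root, set it by hand: chown %s:%s %s && chmod %s %s\n' \
            "$_owner" "$_group" "$_file" "$_mode" "$_file" >&2
        return 2
    fi
    # chown only succeeds with privilege; an unprivileged install notes the
    # failure and still applies the mode bits it is allowed to set.
    chown "$_owner:$_group" "$_file" 2>/dev/null ||
        printf 'NOTE: could not chown %s to %s:%s (unprivileged install?)\n' \
            "$_file" "$_owner" "$_group" >&2
    chmod "$_mode" "$_file"
}

# Command-line use: PKG_ALLOW_SETGUID=no sh perms.sh /path/to/bin root wheel 4755
if [ $# -gt 0 ]; then
    install_perms "$@"
fi
```

Running it with PKG_ALLOW_SETGUID=no against a 4755 entry leaves the file unreadable and unexecutable (mode 0000) rather than installing a non-setuid binary that silently fails at run time, which is the point of the 0000 choice: a program that needs privilege and does not have it is better off visibly broken than quietly wrong.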