From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Ulrich Mueller Newsgroups: gmane.emacs.devel Subject: Re: [PATCH] Allow update-game-score to run sgid instead of suid. Date: Fri, 6 Feb 2015 11:35:09 +0100 Message-ID: <21716.39133.974878.311315@a1i15.kph.uni-mainz.de> References: <21688.64785.754456.35609@a1i15.kph.uni-mainz.de> <21715.23580.816153.499778@a1i15.kph.uni-mainz.de> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Trace: ger.gmane.org 1423218951 30398 80.91.229.3 (6 Feb 2015 10:35:51 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Fri, 6 Feb 2015 10:35:51 +0000 (UTC) Cc: emacs-devel@gnu.org To: Stefan Monnier Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Fri Feb 06 11:35:50 2015 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1YJgGM-0006nS-Cu for ged-emacs-devel@m.gmane.org; Fri, 06 Feb 2015 11:35:50 +0100 Original-Received: from localhost ([::1]:47549 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YJgGG-000632-U0 for ged-emacs-devel@m.gmane.org; Fri, 06 Feb 2015 05:35:44 -0500 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:44449) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YJgFr-00060o-IV for emacs-devel@gnu.org; Fri, 06 Feb 2015 05:35:20 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1YJgFl-00014r-UA for emacs-devel@gnu.org; Fri, 06 Feb 2015 05:35:18 -0500 Original-Received: from a1www.kph.uni-mainz.de ([134.93.134.1]:53810) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YJgFl-00014i-Ey for emacs-devel@gnu.org; Fri, 06 Feb 2015 05:35:13 -0500 Original-Received: from a1i15.kph.uni-mainz.de (a1i15.kph.uni-mainz.de [134.93.134.92]) by a1www.kph.uni-mainz.de (8.14.9/8.14.7) with ESMTP id t16AZBfQ028548; Fri, 6 Feb 2015 11:35:11 +0100 Original-Received: from a1i15.kph.uni-mainz.de (localhost [127.0.0.1]) by a1i15.kph.uni-mainz.de (8.14.8/8.14.2) with ESMTP id t16AZBk5008421; Fri, 6 Feb 2015 11:35:11 +0100 Original-Received: (from ulm@localhost) by a1i15.kph.uni-mainz.de (8.14.8/8.14.8/Submit) id t16AZANP008417; Fri, 6 Feb 2015 11:35:10 +0100 In-Reply-To: X-Mailer: VM 8.2.0b under 24.3.1 (x86_64-pc-linux-gnu) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 134.93.134.1 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.devel:182517 Archived-At: >>>>> On Thu, 05 Feb 2015, Stefan Monnier wrote: >> So, any objections against changing the default, as indicated above? > I'm OK with changing to setgid instead of setuid, yes (I don't have > a strong opinion either way on this). A small problem with this is that there seems to be no portable command to check for existence of a group. (There is getent(1) in GNU/Linux and {Free,Open,Net}BSD but it's not specified by POSIX.) But I guess we can set the default in configure and try to chgrp to it during make install. It fails softly, so installation won't abort if the group doesn't exist. > As for defaulting to "neither setuid nor setgid", I'm less convinced. > After all, I'd expect that most cases where Emacs is built "by hand" > (rather than installed from a distro), the build will be done by > a non-privileged user, so it will already end up being neither > setgid/setuid. IOW changing the default will end up catching distros > by surprise with no real upside. There's a note in etc/NEWS ... But point taken. Ulrich