From mboxrd@z Thu Jan  1 00:00:00 1970
From: John Darrington <john@darrington.wattle.id.au>
Subject: Re: [PATCH] gnu: aegis: New variable.
Date: Thu, 17 Jul 2014 18:05:28 +0200
Message-ID: <20140717160528.GB3678@intra>
References: <1405518437-24315-1-git-send-email-jmd@gnu.org>
	<87r41kdo87.fsf@gnu.org>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="i9LlY+UWpKt15+FH"
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:49868)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <john@darrington.wattle.id.au>) id 1X7oBd-0007FF-58
	for guix-devel@gnu.org; Thu, 17 Jul 2014 12:05:42 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <john@darrington.wattle.id.au>) id 1X7oBX-0003Bt-Am
	for guix-devel@gnu.org; Thu, 17 Jul 2014 12:05:36 -0400
Content-Disposition: inline
In-Reply-To: <87r41kdo87.fsf@gnu.org>
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
To: Ludovic =?iso-8859-1?Q?Court=E8s?= <ludo@gnu.org>
Cc: guix-devel@gnu.org, John Darrington <jmd@gnu.org>


--i9LlY+UWpKt15+FH
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Jul 17, 2014 at 05:00:40PM +0200, Ludovic Court=E8s wrote:
    =20
     The package itself cannot install things setuid (nothing can be setuid
     in the store), but there can be setuid programs in the system (see
     gnu/system.scm.)
    =20
I'm not sure that I understand that.  Maybe you can enlighten me sometime.o

Should I add /bin/aegis here: ?

(define %setuid-programs
  ;; Default set of setuid-root programs.                                  =
                                                            =20
  (let ((shadow (@ (gnu packages admin) shadow)))
    (list #~(string-append #$shadow "/bin/passwd")
          #~(string-append #$shadow "/bin/su")
          #~(string-append #$inetutils "/bin/ping")
          #~(string-append #$sudo "/bin/sudo")
          #~(string-append #$fuse "/bin/fusermount"))))
    =20

--=20
PGP Public key ID: 1024D/2DE827B3=20
fingerprint =3D 8797 A26D 0854 2EAB 0285  A290 8A67 719C 2DE8 27B3
See http://sks-keyservers.net or any PGP keyserver for public key.


--i9LlY+UWpKt15+FH
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlPH9EcACgkQimdxnC3oJ7P9jwCfdBtH2iny3bcAr9VBnM6WQnEn
258An2vU7vKKDxiaqLjzgEKbSQZ9klMv
=dOjO
-----END PGP SIGNATURE-----

--i9LlY+UWpKt15+FH--