sudo and changes in packaging guidelines
Frank Ch. Eigler
fche at redhat.com
Fri Apr 13 18:37:01 UTC 2012
> [...]
> If your package meets the following criteria you MUST enable the PIE compiler
> flags:
> [...]
> * Your package runs as root.
> [...]
If this is meant to cover administrative binaries that have no
privilege escalation pieces of their own, merely run by root, then
what makes them different from any other /bin/* program that a root
process might invoke?
- FChE
More information about the devel
mailing list