Requiring all files in /usr to be world-readable?

Miloslav Trma─Ź mitr at redhat.com
Fri Oct 31 17:59:30 UTC 2014


----- Original Message -----
> I filed an FPC ticket: https://fedorahosted.org/fpc/ticket/467
> 
> Thoughts?

My intuition is that if an application needs _everything_ in /usr to be readable then it is likely broken.  Something being placed in /usr does _not_ imply that it is supposed to be used by everyone.   An administrator can come and change the permissions at any time, and the packaging guideline would not affect anything not included in Fedora-distributed RPMs.  And if we look only at the cases that would be helped by the proposed guideline, i.e. only depending on Fedora RPM-distributed files (but not being particular about what the purpose of kind of file this is), the application would probably be better off just opening and reading the RPMs from repos directly instead of reusing whatever local damage could have been done to the partition.

Perhaps there are useful subsets of files in /usr where mandating this would be useful; but all of /usr is seems like an unnecessary overreach.

(And to the specific examples brought up: No opinion on systemd services; making setuid binaries not world-readable has a _definite_ benefit when prelink is set up, OTOH that is no longer a default.)
    Mirek


More information about the devel mailing list