(In reply to comment #2)
> I think you and I discussed this before, and we agreed that we should eliminate
> this use of group staff, as it makes staff root-equivalent. Let's kill it for
> Hoary.
Indeed.
base-files (3.1.0ubuntu2) hoary; urgency=low
.
* debian/postinst: Do not install /usr/local and subdirectories with "staff"
group writeability. This group is essentially root-equivalent, but there
are cases where somebody can become any user but root (like NFS).
* debian/rules: Do not install /home as root:staff, it makes no sense.
* debian/2775-dirs: Remove "home".
* Ubuntu bug #13795
This fixes new installations, but I don't think that we should touch existing
installations. Administrators may change permissions on purpose (or even use the
staff group for this purpose), so I doubt that we should mess with this. Matt,
if you disagree, please reopen this bug.
(In reply to comment #2)
> I think you and I discussed this before, and we agreed that we should eliminate
> this use of group staff, as it makes staff root-equivalent. Let's kill it for
> Hoary.
Indeed.
base-files (3.1.0ubuntu2) hoary; urgency=low
.
* debian/postinst: Do not install /usr/local and subdirectories with "staff"
group writeability. This group is essentially root-equivalent, but there
are cases where somebody can become any user but root (like NFS).
* debian/rules: Do not install /home as root:staff, it makes no sense.
* debian/2775-dirs: Remove "home".
* Ubuntu bug #13795
This fixes new installations, but I don't think that we should touch existing
installations. Administrators may change permissions on purpose (or even use the
staff group for this purpose), so I doubt that we should mess with this. Matt,
if you disagree, please reopen this bug.