Comment 3 for bug 1482786

halfdog (halfdog) wrote :

I second all your recommendations. Just trying to add some considerations from Ubuntu's (the distributor's) point of view:

I do not know if catman is still used, someone might complain. If yes, then in my opinion, creation of files by catman is the problem: when catman is run as user "man", the chown is not required, removal is done as user "man" anyway. So privilege separation would be OK.

If cat pages are generated as user "root", storing them in a directory writable by user "man" is VERY risky and should not be performed anyway. In that case, separation of storage locations should be more the way to go.

About PAM: I did not verify if PAM does or does not perform permission checks, in that case the owner check is the problematic part. Here I do not know if there might be regressions due to unexpected use of passwd/shadow tools together with the chroot option to operate on offline uid-namespaced containers, e.g. switched off LXC before power-on. In that case, the tools could refuse to operate.