[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Setuid programs

From: Maxim Cournoyer
Subject: Re: Setuid programs
Date: Fri, 28 Aug 2020 00:43:22 -0400
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux)

Hello Gabor!

Gábor Boskovits <> writes:

> Hello guix,
> I would like to propose an extension to how setuid programs are
> currently handled. The last time I checked it could only do setuid and
> setgid root. Some services, such as postfix need a more fine grained
> setuid setup. I would propose a record type, such as:
> (setuid
> (program setuid-program)
> (setuid setuid-setuid)
> (setgid setuid-setgid)
> (user setuid-user)
> (group setuid-group))
> So that there is more fine grained control.
> I would also propose to move this to the services framework, so that
> services could extend this field on demand.
> Wdyt?

This sounds great!  I also encountered such limitation and tried to
fixing it in, with some success (and an
unresolved limitation pointed by Chriistopher) but I agree that using a
record makes more sense and is more future proof.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]