From xemacs-m  Sat Apr  5 14:45:33 1997
Received: from apollo.jeeves.net (apollo.jeeves.net [206.242.44.75])
	by xemacs.org (8.8.5/8.8.5) with ESMTP id OAA22057
	for <xemacs-beta@xemacs.org>; Sat, 5 Apr 1997 14:45:32 -0600 (CST)
From: repayne@jeeves.net
Received: (from uucp@localhost) by apollo.jeeves.net (8.7.6/8.7.3) id OAA14047 for xemacs-beta@xemacs.org; Sat, 5 Apr 1997 14:58:31 -0600 (CST)
Message-Id: <199704052058.OAA14047@apollo.jeeves.net>
Received: from athena.jeeves.net(206.242.44.56) by apollo.jeeves.net via smap (V1.3)
	id sma014043; Sat Apr  5 14:58:05 1997
Content-Transfer-Encoding: 7bit
Sender: repayne@jeeves.net
MIME-Version: 1.0
Date: Sat, 05 Apr 1997 14:45:05 -0600 (CST)
Subject: Re: A security hole during XEmacs installation
X-Mailer: Jeeves by AetherWorks, version Mar 21 1997
X-Jeeves-State: 1
Content-Disposition: inline
X-Priority: 3 (Normal)
X-Jeeves-Addresses: j9bnODDBWZt99uL0P776WA==-addresses
Reply-To: repayne@jeeves.net
Content-Type: text/plain
To: xemacs-beta@xemacs.org (XEmacs Beta List)

On 02 Apr 1997 22:40, Steven L Baur writes:
> David Moore <dmoore@ucsd.edu> writes:
> 
> > And I do note that most software when installed by root gets owned
> > by root.
> 
> XEmacs should be installed by root, and have all files with executable
> code owned by root.  I think with the advent of portable Unix virii
> some months ago it's too dangerous to have binaries owned by anyone
> other than root.[1]
> 
> Footnotes: 
> [1]  Unless the installer insists on shooting himself or herself in
> the foot.

Can't we solve this entire debate by allowing USER=<someuser>,
GROUP=<somegroup> in the makefile (this could be included on the configure
line) with default user/group being root/root or something similar.  I
agree that most installations are going to be owned by root, but we should
have allow for this and give individual admins the freedom to do however
local policy dictates.  Am I missing something here?

As far as copying, I suppose you would like to see copying be the step that
sets the permissions, and ownership, while keeping the timestamp, but it
may not be possible to do this in one step because of portability concerns.

Just my $.02.
								-rob

(steve, sorry you are getting this twice, it was sent before I changed the
recipient) 

