Bug ID 1183669
Summary AUDIT-0: pleaser: security audit for permissions-file-setuid-bit
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Security
Assignee security-team@suse.de
Reporter ed-suse.com@s5h.net
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

Hello,

Would you mind performing a security review for me?

please is a memory safe sudo alternative that focuses on assigning rules with
familiar regex syntax.

The pacakge is at
https://build.opensuse.org/package/show/home:eneville/pleaser.

Upstream source is at https://gitlab.com/edneville/please

The message from the build service is:

[  174s] please.x86_64: E: permissions-file-setuid-bit (Badness: 10)
/usr/bin/please is packaged with setuid/setgid bits (04755)
[  174s] please.x86_64: E: permissions-file-setuid-bit (Badness: 10)
/usr/bin/pleaseedit is packaged with setuid/setgid bits (04755)
[  174s] If the package is     intended for inclusion in any SUSE product
please open a
[  174s] bug report to request     review of the package by the security team.
Please
[  174s] refer to
[  174s]
https://en.opensuse.org/openSUSE:Package_security_guidelines#audit_bugs for
[  174s] more     information.

Thank you very much in advance.

Ed Neville

You are receiving this mail because: