Bug ID | 1183669 |
---|---|
Summary | AUDIT-0: pleaser: security audit for permissions-file-setuid-bit |
Classification | openSUSE |
Product | openSUSE Tumbleweed |
Version | Current |
Hardware | Other |
OS | Other |
Status | NEW |
Severity | Normal |
Priority | P5 - None |
Component | Security |
Assignee | security-team@suse.de |
Reporter | ed-suse.com@s5h.net |
QA Contact | qa-bugs@suse.de |
Found By | --- |
Blocker | --- |
Hello, Would you mind performing a security review for me? please is a memory safe sudo alternative that focuses on assigning rules with familiar regex syntax. The pacakge is at https://build.opensuse.org/package/show/home:eneville/pleaser. Upstream source is at https://gitlab.com/edneville/please The message from the build service is: [ 174s] please.x86_64: E: permissions-file-setuid-bit (Badness: 10) /usr/bin/please is packaged with setuid/setgid bits (04755) [ 174s] please.x86_64: E: permissions-file-setuid-bit (Badness: 10) /usr/bin/pleaseedit is packaged with setuid/setgid bits (04755) [ 174s] If the package is intended for inclusion in any SUSE product please open a [ 174s] bug report to request review of the package by the security team. Please [ 174s] refer to [ 174s] https://en.opensuse.org/openSUSE:Package_security_guidelines#audit_bugs for [ 174s] more information. Thank you very much in advance. Ed Neville