On 2023-08-11 18:58, Larry Finger wrote:
On 8/11/23 09:49, Joe Salmeri wrote:
Thanks Jan, Carlos and others that have explained what is going on.
Since the default install uses the easy permissions, would it make sense for the RPMs to match what the easy permissions are.
If the admin switches to more restrictive permissions, then they would get the messages ( which makes sense to me ).
As I said in my previous posting, at least SUID permissions cannot be set in the spec file that builds an rpm. VirtualBox has a number of executables that must have permissions 4755, but if you try to set them in the rpm build, it blows up with a fatal error in the program name rpmlint, which checks for a number of errors.
This behavior is by DESIGN, not an accident. If any package developer could set their package to have arbitrary permissions, the security holes would be huge. Instead, developers must have any such files included in the permissions package, and such inclusions are tightly controlled by the Security gurus at openSUSE. Speaking from experience, it is not easy to get a new file included, nor should it be.
You can probably package your own permissions in /etc/permissions.d/somefile ;-) -- Cheers / Saludos, Carlos E. R. (from 15.4 x86_64 at Telcontar)