[csw-maintainers] Backing up the sudo binary
Peter Bonivart
bonivart at opencsw.org
Mon Feb 27 00:04:47 CET 2012
2012/2/26 Maciej Bliziński <maciej at opencsw.org>:
> The current sudo package allows to deinstall it and lose the binary. If
> a pkgutil upgrade fails after deinstallation, and before the
> installation of sudo, you end up with a system with no sude. Here's an
> idea:
>
> - sudo preremove backs up the sudo binary somewhere on the filesystem
> - sudo postinstall checks if the new binary is actually installed, and
> if so, removes the backup (the old binary might have a security risk)
>
> This idea would help in my scenario, but has a drawback: when the
> administrator wants to get rid of the sudo binary from the filesystem.
> You run pkgrm, and the sudo binary remains somewhere in the system.
>
> Is it enough to display a postrm message: "The sudo binary has been
> backed up at $location, remove it manually if you really want to get rid
> of it."
>
> Thoughts?
I like the idea and you need a message anyway to make others aware of
that safety net being available.
/peter
More information about the maintainers
mailing list