Since about 2009 Debian decided to require the file /etc/staff-group-for-usr-local to exist in order for the staff group to make sense.

The bug report which initiated the discussion:

The Technical Committee discussion and voting process:

An interesting contribution:

Current debian policy page:


The reduced statement “group staff is root-equivalent” is an incorrect shortening. A series of configurations and events has to happen for this to be true. Especifically a user account with group staff has to install a trojan.

While not exporting /usr/local writable via NFS, a threat to the local system is not to be expected.

We don’t fight about names, “staff” is as good as anything else, the capabilities of the account are what counts.


  • We want to use the benefits of installation of local software with reduced privileges.
  • We don’t use NFS.
  • We only add users to group staff we trust both to be security aware and without malicious intents.
  • We stick to using the group staff for root-less installation of software.