Comment 101 for bug 13795
Revision history for this message
| Debian Bug Importer (debzilla) wrote | #101 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)
Message-Id: <email address hidden>
Date: Fri, 25 Mar 2005 06:37:14 +1100
From: <email address hidden>
To: <email address hidden>, <email address hidden>
Subject: Re: Bug#299007: base-files: Insecure PATH in /root/.profile
Bill,
Thank you for the explanations.
> One of the rules is that policy proposal are wishlist by definition.
Quite sensible: protect the policy-makers from blame and "litigation".
I guess that the couple of "normal" bugs listed under
http://
never followed instructions and never set severity.
> In no way installing the debian-policy package introduce a security
> hole, causes serious data loss or makes unrelated software on the
> system break.
Not the installation of the policy package, but the following of the
policy, prevents base-files from being secure. Is not the policy at
fault if it mandates insecure settings or actions?
Cheers,
Paul Szabo <email address hidden> http://
School of Mathematics and Statistics University of Sydney Australia