On Sun, Aug 18, 2013 at 11:03 PM, Ondřej Surý <[email protected]> wrote: > Control: tag -1 +wontfix > Control: severity -1 wishlist > Gergely, > please read the bug the Thijs already mentioned - removing maxdepth has a > security implications. > If you modify the default settings you are responsible also to modify the > other ends. The session cleaning is documented in Debian package and we > simply cannot handle all possible configuration options the user might set.
As far as I read the other problem, it pertains to the fact that the find command can be misled into following symbolic links. That can be easily avoided by adding the -P option to the command line. It is also entirely possible to restrict the possible damage even more by adding "-iname sess_*" to make sure the only files that are affected are session files. -garg -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

