Package: debian-security-support Version: 2019.12.12~deb8u2 Severity: normal
Colour my surprise when I did an “ls -l /var/lib” and saw: […] drwxr-xr-x 3 root root 4096 Oct 1 2019 ucf/ drwxr-xr-x 2 root root 4096 Jul 6 2012 update-rc.d/ drwxr-xr-x 2 root root 4096 Sep 7 2012 urandom/ drwxr-xr-x 3 root root 4096 Feb 7 2007 vim/ drwxr-xr-x 2 root root 4096 Feb 17 2020 xfonts/ drwxr-xr-x 2 root root 4096 Dec 17 2015 xml-core/ That’s *massively* too wide. Scrolling up revealed the culprit: drwxr-xr-x 2 debian-security-support debian-security-support 4096 Feb 17 2020 debian-security-support/ Unix usernames are supposed to be up to 8 characters (in fact, some environments fail if they are longer, silently truncate them, or otherwise explode). This is… untenable. Please change this. Thanks! -- System Information: Debian Release: 8.11 APT prefers oldoldstable-updates APT policy: (500, 'oldoldstable-updates'), (500, 'oldoldstable') Architecture: i386 (i686) Kernel: Linux 3.16.0-11-amd64 (SMP w/4 CPU cores) Locale: LANG=C, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/lksh Init: sysvinit (via /sbin/init) Versions of packages debian-security-support depends on: ii adduser 3.113+nmu3 ii debconf [debconf-2.0] 1.5.56+deb8u1 ii gettext-base 0.19.3-2 debian-security-support recommends no packages. debian-security-support suggests no packages. -- debconf information: debian-security-support/ended: debian-security-support/limited: debian-security-support/earlyend: