Package: fakeroot Version: 1.5.9 Severity: normal Here is an ls -l /usr/lib/libfakeroot-*
lrwxrwxrwx 1 root root 18 2006-05-02 18:08 /usr/lib/libfakeroot-0.so -> libfakeroot-tcp.so -rwSr--r-- 1 root root 2656 2006-07-08 19:27 /usr/lib/libfakeroot-sysv.so -rwSr--r-- 1 root root 2656 2006-07-08 19:27 /usr/lib/libfakeroot-tcp.so As you can see, the user setuid bit is set on two shared library files. I have never heard of a use for a setuid bit in a library; if there is a purpose for this bit then I would appreciate enlightenment. If there is no purpose then the setuid permission should be removed as this bit sets off standard setuid security scans / scripts. -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (500, 'testing'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.15-1-k7 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages fakeroot depends on: ii libc6 2.3.6-15 GNU C Library: Shared libraries fakeroot recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
