tag 428830 wontfix thanks On Sun, Jun 17, 2007 at 08:50:25PM +0200, Jose Carlos Garcia Sogo wrote: > In my opinion, we shoud avoud suid stuff as much as possible, and if > we can even make it almost impossible to be used we can block some > attack vector using that suid aware file. > > So basically, if it is not needed, it should not be enabled, most if > the package needing is moving to avoid it.
OK, tagging this as wontfix. I have added a note about this in README.Debian for the next version (but let's see how the hurd issue in #431127 turns out before uploading it.) Gary, you'll have to recompile speedy yourself if you really need this. Note that openwebmail has a bad track record in security issues, and it was removed from Debian in 2005 because of this. See #301561 and http://bugs.debian.org/src:openwebmail&archive=yes . Cheers, -- Niko Tyni [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
