Package: fakeroot Version: 1.2.10 Severity: normal -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
the nightly security check suddenly showed a new setuid file: [EMAIL PROTECTED]:lib$ ls -l /usr/lib/libfakeroot-sysv.so.0.0.1 - -rwSr--r-- 1 root root 3196 2005-04-23 12:27 /usr/lib/libfakeroot-sysv.so.0.0.1 I don't see anything in the changelog about this. It looks like a pretty weird permission to set on a shared lib; shouldn't it at least be +x? Also, is it really supposed to be LD_PRELOAD-able by suid programs? [Though the ld.so manpage says setgid for this]. - -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing'), (130, 'unstable'), (120, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.10-bohr Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages fakeroot depends on: ii libc6 2.3.2.ds1-21 GNU C Library: Shared libraries an - -- no debconf information -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFCd+cw+z+IwlXqWf4RAiy/AJ9aHXT7+C46ASPLLQV+DhmERJrhTQCfWs6b nxnLTb2o8FdsvHuK/cAJnAo= =dMHc -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
