Hi Colin, On Thu, Feb 1, 2024 at 1:44 AM Colin Watson <[email protected]> wrote: > I'm both the Debian and upstream maintainer of man-db. I'm considering > uploading some variation of the attached diff to buster-security LTS. > They're adjustments to hardening arrangements, so they do have some > security relevance, although I'm aware they aren't really security fixes > as such; nevertheless, I'd like to make these changes since it's better > than having people get into the habit of disabling hardening measures > that get in their way. > > Would anyone like to review this? FWIW, my assessment is that these > changes are low-risk in terms of regression potential, since they just > add a couple of extra entries to existing rulesets and so shouldn't > disallow anything that's currently allowed.
Whilst the debdiff looks good, I see that you haven't unaplied the patch as I can still see changes in lib/sandbox.c in the diff. I am hoping that's what has happened. The changelog entry timestamp also might need a refresh. It says - Sat, 31 Aug 2019. :) Other than the above two points, it looks good, please go ahead. - u
