[email protected] Cc: [EMAIL PROTECTED] Bcc: Subject: Re: Bug#298060: (forw) Bug#298060: Please don't install login as setuid root Reply-To: In-Reply-To: <[EMAIL PROTECTED]> X-message-flag: Outlook is a good virus spreading tool. It can send mail, too. X-pot_a_miel: [EMAIL PROTECTED]
Quoting Martin Schulze ([EMAIL PROTECTED]): > When no code needs to be changed but only the suid bit dropped > and login still works as expected, I don't see a reason not to > drop the setuid bit, even the contrary, I wonder why it is setuid > root in the first place. Well, should I take this as the official Security Team advice�? If so, the conclusion would be�: the Security Team is OK for the change while the Release Team is not really pushing it...which would then draw the conclusion for me�: delay the change as the priority now is to release. I could for sure upload something changed to experimental. But, well, I simply don't feel I have the resources for handling two branches for shadow at this moment. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
